Posts Tagged ‘OpenPGP’
I’ve recently set up a new GPG key, and will be transitioning away from my old one. I have done this in order to migrate to a larger RSA key and stronger hash functions, and NOT due to any known key compromise. The old key will continue to be valid for some time, but future correspondence should use the new one wherever possible.
I have created a transition document and signed it with both keys, a summary of which is included here for reference.
I would also like to ensure that this new key is well-integrated into the web of trust. This message is signed by both keys to certify the transition. The old key was: pub 1024D/43E25D1E 2000-03-30 Key fingerprint = E86D 8583 92CB FD92 70AD 43DC 02BC 42B7 43E2 5D1E The new key is: pub 4096R/AE426944 2010-01-04 Key fingerprint = A243 3192 1670 F006 0A97 500A 8A11 1B5C AE42 6944 sub 4096R/9C92EE9E 2010-01-04 To fetch my new key from a public key server, you can run: gpg --keyserver pgp.mit.edu --recv-keys AE426944 If you already know my old key, you can now verify that the new key is signed by the old one: gpg --check-sigs AE426944 If you have previously signed my old key, and you're satisfied that you've got the correct new key, then I'd appreciate it if you would sign my new key as well: gpg --sign-key AE426944 gpg --keyserver pgp.mit.edu --send-key EF584970 (or use the caff(1) tool if you prefer)