GPG Key Transition

For a number of reasons, I’ve recently set up a new OpenPGP key, and will be transitioning away from my old one.

The old key will continue to be valid for some time, but I prefer all future correspondence to come to the new one.  I would also like this new key to be re-integrated into the web of trust. This message is signed by both keys to certify the transition.

The old key was:

pub   1024D/33AEDA47 2008-02-19
Key fingerprint = 7444 BFF0 7D4D ABDB A073  2395 7BCE 14BC 33AE DA47

And the new key is:

pub   4096R/A9832EBB 2011-01-28
Key fingerprint = 634C A485 0772 6F0A E3E9  5FE1 54A2 7BAD A983 2EBB

To fetch the full key, you can get it with:

wget -q -O- | gpg --import -

Or, to fetch my new key from a public key server, you can simply do:

gpg --keyserver --recv-key A9832EBB

If you already know my old key, you can now verify that the new key is signed by the old one:

gpg --check-sigs A9832EBB

If you don’t already know my old key, or you just want to be extra paranoid, you can check the fingerprint against the one above:

gpg --fingerprint A9832EBB

If you are satisfied that you’ve got the right key, and the UIDs match what you expect, I’d appreciate it if you would sign my key:

gpg --sign-key A9832EBB

Lastly, if you could upload these signatures, I would appreciate it.
You can either send me an e-mail with the new signatures (if you have a functional MTA on your system):

gpg --armor --export A9832EBB | mail -s 'OpenPGP Signatures'

Or you can just upload the signatures to a public keyserver directly:

gpg --keyserver --send-key A9832EBB

Please let me know if there is any trouble, and sorry for the inconvenience.

Thanks and best regards.

Laisser un commentaire

Votre adresse de messagerie ne sera pas publiée. Les champs obligatoires sont indiqués avec *