-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1,SHA512 Date: Mon Mar 18 21:32:13 GMT 2013 From: thomas@stewarts.org.uk To: Public Subject: OpenPGP Transition from 1024D to 4096R For a number of reasons[0], I've recently set up a new OpenPGP key, and will be transitioning away from my old one. The old key will continue to be valid for some time, but I prefer all future correspondence to come to the new one. I would also like this new key to be re-integrated into the web of trust. This message is signed by both keys to certify the transition. The old key was: pub 1024D/68A70C48 2003-02-11 [expires: 2014-03-19] Key fingerprint = DCCD 7DCB A74A 3E3B 60D5 DF4C FC1D 1ECA 68A7 0C48 uid [ultimate] Thomas Stewart And the new key is: pub 4096R/CD617CF2 2013-03-18 [expires: 2016-03-18] Key fingerprint = 217D 695D ACE2 AE40 F9FE B0C0 85C8 5556 CD61 7CF2 uid [ultimate] Thomas Stewart To fetch the full key from a public key server, you can simply do: gpg --keyserver keys.riseup.net --recv-key CD617CF2 If you already know my old key, you can now verify that the new key is signed by the old one: gpg --check-sigs CD617CF2 If you don't already know my old key, or you just want to be double extra paranoid, you can check the fingerprint against the one above: gpg --fingerprint CD617CF2 If you are satisfied that you've got the right key, and the UIDs match what you expect, I'd appreciate it if you would sign my key. You can do that by issuing the following command: gpg --sign-key CD617CF2 I'd like to receive your signatures on my key. You can either upload these signatures to a public keyserver directly: gpg --keyserver keys.riseup.net --send-key CD617CF2 Or you can send me an e-mail with the new signatures (if you have a functional MTA on your system): gpg --armor --export CD617CF2 | gpg --armor --encrypt -r CD617CF2 | mail -s 'OpenPGP Signatures' thomas@stewarts.org.uk I also highly recommend checking out the excellent Riseup GPG best practices doc, from which I stole most of the text for this transition message! https://we.riseup.net/riseuplabs+paow/openpgp-best-practices Please let me know if you have any questions, or problems, and sorry for the inconvenience. Kind Regards - -- Tom 0. https://www.debian-administration.org/users/dkg/weblog/48 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iKYEARECAGYFAlFI9aZfFIAAAAAALgAoaXNzdWVyLWZwckBub3RhdGlvbnMub3Bl bnBncC5maWZ0aGhvcnNlbWFuLm5ldERDQ0Q3RENCQTc0QTNFM0I2MEQ1REY0Q0ZD MUQxRUNBNjhBNzBDNDgACgkQ/B0eyminDEhW2QCfSkH/SGHK+/lepEVrYn9HQ9Bo 6YoAoIVx9kpQ1vQfu6JhCiAlOz2v+txSiQJ8BAEBCgBmBQJRSPWmXxSAAAAAAC4A KGlzc3Vlci1mcHJAbm90YXRpb25zLm9wZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQz ODlDRDQxQkFCODk5QjMyRUYwMEM1MkZCMDg5MkJENzdDRjc0QTAzAAoJELCJK9d8 90oDNQQP/1aRJyhDPXbqWjRNy72Bjm9eUUbTEubdEQ0wTTaMKuszbBNJEYqSLG0T zOB13SEVHPIkZW1aO2gMCB/JOeNXAL5pwRVXKswCts5iexKlUI1h2w/CWmnYYf65 3rMyllqihWAnQNoZGp513MaRRJ+7aWL1fRdrfLHAzOzUXESZ6YUqZMQyMnwaOhJP /wbAwiUP4InxYghTMw/a7MZb3VxkKW7BqZev8g+GTr7BWb7oJ4tcCsjqTkqRtg7o 5fzYsDHTE12BIf7Wbr0EzR+fb72kv2CtqEBn3jO4Yw4TdaYUiFJHf71lAvD5hPFV A1kubeSAuwi1qz5MuptWQMnHfwvn2ZObtAODLObIapdEpyti1VlKor6vm8iW2QfV X3gG6RT10AlGpTHv0Bl6x5tREjgzd84yWFoVOGkTjtSQo1FRxAEoltZkeXxXkTGW Jkjmk+biCLRuuTuALQbzNNiO39U9ijziY7lWe622aRQutv8Sf11gKgKz554bPGEy rgBuH1acWc5tJ4EBkkRWnLd8HFXWJZrgCShbuXrVk6DHxM4L+NhcSvCbQk6olUTz u6TwH2+sUrk2ZNsymCu2PI2yFNVm9BTnhp4h99BkTcM3ATdiYw/qKU0VVTQF83Jq 5UTKB1y+SBs/J2I5skJpYAgNdWM8AfaJlLeWO+AT/EIw37KcqtO1 =0R52 -----END PGP SIGNATURE-----