Skip to content

Instantly share code, notes, and snippets.

@chaserhkj
Created September 26, 2018 16:32
Show Gist options
  • Save chaserhkj/979db46ebc27787054b941289edf1255 to your computer and use it in GitHub Desktop.
Save chaserhkj/979db46ebc27787054b941289edf1255 to your computer and use it in GitHub Desktop.
GPG Key 60833864 Transition Statement
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Wednesday, Jun 6 2018, 00:10, +0400
For a number of reasons, I've recently set up a new PGP key
and will be transitioning away from my old one.
The old key will continue to be valid for a short period after
the posting of this message, but future signatures will be
created from the new key. This message is signed by both keys
to certify the transition.
The old key was:
pub 2048R/D7BD47DC 2016-08-23
Fingerprint=AEB1 43F4 C4C1 A1D2 7BF1 31AD F301 4ADB D7BD 47DC
The new key is:
pub 4096R/60833864 2018-06-06
Fingerprint=85A1 6D9B 467A 9099 6C83 2C5D 5666 B349 6083 3864
Note that the signing of this message may have been done by a SUBKEY of
that key, which may make the key id listed in the signature not match
the fingerprint listed here. You can verify it by checking the key listed
here for the subkey used in signing this message.
To fetch the new key from a public key server, you can use the following:
gpg --keyserver pgp.key-server.io --recv-key 60833864
If you already know my old key, you can verify that the new key has been
signed by the old one, so the trail of signatures can still be followed:
gpg --check-sigs 60833864
If you don't know my old key, or you want to be extra careful, you can
check the fingerprint against the one above:
gpg --fingerprint 60833864
You can verify the signatures on this message by downloading the plain
text file as linked and running:
gpg --verify [name of downloaded file]
If you are satisfied that you have the right key, that the UIDs match what
you expect, and you are certain of my identity, I would appreciate it if
you would sign my new key:
gpg --sign-key 60833864
And finally, if you have signed it, to upload the signatures:
gpg --keyserver pgp.key-server.io --send-key 60833864
Key D7BD47DC would be revoked in the future when transition is complete and
the key is not used anymore.
Also, I've used another old key 29DE3A1F in the past:
pub 4096R/29DE3A1F 2015-02-21
sig revok 29DE3A1F 2017-02-27 __________ __________ [selfsig]
Fingerprint=2F3A 0498 1291 E4B4 A96C E40D DB07 0F1E 29DE 3A1F
I transitioned from key 29DE3A1F to key D7BD47DC in the past due to an upgrade
of signing hardware. You can verify that key D7BD47DC had been signed by
key 29DE3A1F before the transition:
gpg --check-sigs D7BD47DC
Key 29DE3A1F is now revoked for not being used anymore. This information is
enclosed for your referrence.
Sorry for any inconvenience.
Regards,
--chaserhkj
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCAAdFiEErrFD9MTBodJ78TGt8wFK29e9R9wFAlsXaAMACgkQ8wFK29e9
R9zgVwf/X0WMRV893yNp3t2keyMommnawrM91Pavycfj1NtnsTQzugrQWdJBy7cs
wM7O+Dq16Srx91Vh0NuspJYbL+kRIBqxV+58aVZouS51Znd5KyFti8yGhCHUQayg
zcG7AtbtRzKy7qXWCQEEZ0/tA7xYks7tInVSCk/dUhDd0MrVFp1xmSILPOx+2rS+
wWco7avGBsHMgAzJmDtHYFfTg3Ei/mcwMpjoeWET+qs7OVwsqduzT/rjhYU2WaPA
AU+2Ba9hOs2sFDEUgh+dEtaoBRL1x6f7QBn0sru2WHrAbgEL9YCrhFKo4+uVHzsc
n2EBRuG6chv6ptP3HaNyyCW6RDJRmokCMwQBAQgAHRYhBIWhbZtGepCZbIMsXVZm
s0lggzhkBQJbF2gQAAoJEFZms0lggzhkZXgP/0Zp3spYo44r0gZuh5vvQ8dnTqca
w2LlkL2cKWWBV3Kf3Ot/JWgym74bSdZlvQok+Me/TagYIABsq780aD0bdkdRVyHD
pSGOworlK9OVcOxijYiTE3aqHrcgyZViVQcDSZMZEeXE1R3n7kPogft11J9990wr
IvFijKd51LrZLPuKV+PjTwjWJCUajLtFXy+aEX7vm6gxiqBQ4EmRaz65W+o4c2tG
xN2gdqi8k1rNUjksqri2wAxVy6DHghwhkJcILIt9b/DkUmPxldMohReq87ao1oBO
sOdLXT0vNAvV7ssq4bjwQWdhJQXv2R8ryX7E5H4uCIBiqRaYU3vq1j6lKv1gG6gV
BtlOCjmNFuKEMxEW1X3lmSCWxO7nf3wsVkWaH0yj++BWlfAp+x3c/yz8wqV5WbN7
AR56qzVByzOXVauCE6hErZQdf14hqzDMvIMJyj5+MagsFlE+YesNycOJ5gtAy83M
K8TqXQe6bsln1UB1zC6ibRRv3GvzF2j5s8erSyLlGgeigrQyCQq1xhzsuVjl91do
DTeQBPNzR0LjF4LxU3ywnVYWvbO8zmMJG9/OfCJddkGsSeUj2jECPrJ2Y1ya9UBl
q/kGerIH+ZnMyb0hI1ZcdYqJhlBZOP344Y/fEq2r47BeRFfDwuT7PxzDDwIj9E2x
gaN3UjggpFYpZN5a
=+CGt
-----END PGP SIGNATURE-----
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment