Rspigler/Split GPG with Subkeys on Qubes

## Split GPG with Subkeys on Qubes
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

I have a master private key (Certify Only) stored in Vault, separate Encryption and Sign secrete_subkeys generated in Vault and stored in networkless work-gpg.  All public keys stored in a separate AppVM (GPG_Process) for 'qubes-gpg-client' command to access the work-gpg VM via the Split GPG protocol.  3rd party Public Keys are stored in work-gpg using 'qubes-gpg-import-key' through a DispVM.

My new public key fingerprint is:
BF0D 3C08 A439 5AC6 11C1  5395 B70B 4A77 F850 548F

Unfortunately, I cannot sign this key with my past PGP key, as I revoked it prior to writing this message (I know, dumb). You can find all prior (revoked) keys on any keyserver, as well as this new, secured key on a keyserver as well.  1 prior key is not revoked, as it was generated in 2015, long before I knew what I was doing, and is long lost.

This key is also posted on my twitter account, and a message explaining the situation here:
https://twitter.com/RobertSpigler/status/1279204032884682752

The Qubes mailing list where users helped me troubleshoot this new key process can be read here:
https://groups.google.com/forum/#!topic/qubes-users/JE6pK-M3V3M

Always remember that you should verify a key by obtaining fingerprints of the key from multiple independent sources.

This message is signed by my new key.

Robert Spigler
RobertSpigler@ProtonMail.ch
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEf4WKHNGE9pWzsby0UsewL8eQ8/AFAl7/y+gACgkQUsewL8eQ
8/BEVw//cr9q8AETnQYMoJxK7NUZZMRzlmpXEVrt4YC/qykc9LZsWqjmoCU0o0RA
fbx3wrwglxroRBoJLAbnqvF8rgBykhsDxyvEeQAz3uFdF5mwMVEyPPxlWh2tQMHB
bxjZPPvv/sMuFzeIeOLkBxMkmkD7SWcEMT7ekV5ups8ewKqQzq3ED4FXa8QVUANx
P9qoZFrlff1PsPA9O4EaR1kazu5KmEspC44nIzq99xyIcCaxxezY7gToA0RxlmL8
hDi8Xt6QYU9I6MLwzAB8mpOoE276PwBAEY9FNWFJv1ZcGKE7HTzgL3gdEpUwtLto
qjN8NBkip0paXvp34ccdE7xUJtWrsThEPdGkvMo+IcTVnQn7/6klgygHJasqmh53
dDd8Pu9zgJfHrTPRr6mwtCqSWlWQkwJwcvCcd6oaexZZF8NWcpoGbRTqBkEvxQ9k
KEx/rXrOWkrOOsljqDCP51xv+cQeYlwtXbTRP/yt1ZvgAhBSCJhEDj25AWhUv2C+
j0wgaJNzAt+Z7i6SGOcNQK+blnJ6fBzKn40L6xpNfHTUwdRMU77wjwgl38hBOYhH
aRQDMiyzfPZ5iWwR71kbx5g/XnBWRizNGGHrFbULB2I7FmU3xTuHEWwNOCzrEj+3
3tsUr5YuhxZvRF5RD3ZZfwKAxMqMKbV1/PVdch2PtxGyWOPMdlc=
=/35v
-----END PGP SIGNATURE-----
	-----BEGIN PGP SIGNED MESSAGE-----
	Hash: SHA512

	I have a master private key (Certify Only) stored in Vault, separate Encryption and Sign secrete_subkeys generated in Vault and stored in networkless work-gpg. All public keys stored in a separate AppVM (GPG_Process) for 'qubes-gpg-client' command to access the work-gpg VM via the Split GPG protocol. 3rd party Public Keys are stored in work-gpg using 'qubes-gpg-import-key' through a DispVM.

	My new public key fingerprint is:
	BF0D 3C08 A439 5AC6 11C1 5395 B70B 4A77 F850 548F

	Unfortunately, I cannot sign this key with my past PGP key, as I revoked it prior to writing this message (I know, dumb). You can find all prior (revoked) keys on any keyserver, as well as this new, secured key on a keyserver as well. 1 prior key is not revoked, as it was generated in 2015, long before I knew what I was doing, and is long lost.

	This key is also posted on my twitter account, and a message explaining the situation here:
	https://twitter.com/RobertSpigler/status/1279204032884682752

	The Qubes mailing list where users helped me troubleshoot this new key process can be read here:
	https://groups.google.com/forum/#!topic/qubes-users/JE6pK-M3V3M

	Always remember that you should verify a key by obtaining fingerprints of the key from multiple independent sources.

	This message is signed by my new key.

	Robert Spigler
	RobertSpigler@ProtonMail.ch
	-----BEGIN PGP SIGNATURE-----

	iQIzBAEBCgAdFiEEf4WKHNGE9pWzsby0UsewL8eQ8/AFAl7/y+gACgkQUsewL8eQ
	8/BEVw//cr9q8AETnQYMoJxK7NUZZMRzlmpXEVrt4YC/qykc9LZsWqjmoCU0o0RA
	fbx3wrwglxroRBoJLAbnqvF8rgBykhsDxyvEeQAz3uFdF5mwMVEyPPxlWh2tQMHB
	bxjZPPvv/sMuFzeIeOLkBxMkmkD7SWcEMT7ekV5ups8ewKqQzq3ED4FXa8QVUANx
	P9qoZFrlff1PsPA9O4EaR1kazu5KmEspC44nIzq99xyIcCaxxezY7gToA0RxlmL8
	hDi8Xt6QYU9I6MLwzAB8mpOoE276PwBAEY9FNWFJv1ZcGKE7HTzgL3gdEpUwtLto
	qjN8NBkip0paXvp34ccdE7xUJtWrsThEPdGkvMo+IcTVnQn7/6klgygHJasqmh53
	dDd8Pu9zgJfHrTPRr6mwtCqSWlWQkwJwcvCcd6oaexZZF8NWcpoGbRTqBkEvxQ9k
	KEx/rXrOWkrOOsljqDCP51xv+cQeYlwtXbTRP/yt1ZvgAhBSCJhEDj25AWhUv2C+
	j0wgaJNzAt+Z7i6SGOcNQK+blnJ6fBzKn40L6xpNfHTUwdRMU77wjwgl38hBOYhH
	aRQDMiyzfPZ5iWwR71kbx5g/XnBWRizNGGHrFbULB2I7FmU3xTuHEWwNOCzrEj+3
	3tsUr5YuhxZvRF5RD3ZZfwKAxMqMKbV1/PVdch2PtxGyWOPMdlc=
	=/35v
	-----END PGP SIGNATURE-----