Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Date: 21.08.2017
For a number of reasons, I have recently set up a new OpenPGP key,
and will be transitioning away from my old one.
The old key will continue to be valid for some short time, but I prefer all
future correspondence to come to the new one. I would also like this
new key to be re-integrated into the web of trust. This message is
signed by both keys to certify the transition.
The old key was:
pub rsa4096/0x09A98C22A513D673 2013-12-10 [expires: 2017-10-19]
Key fingerprint = 4DA1 6296 AD30 5875 7F36 EC9A 09A9 8C22 A513 D673
And the new key is:
pub rsa4096/0xC0EE0613CA05BB39 2017-08-15
Key fingerprint = 3BA8 D01E 0D36 94FC 8361 9065 C0EE 0613 CA05 BB39
To fetch the full key from a public key server, you can simply do:
gpg --keyserver pgp.mit.edu --recv-key 0xC0EE0613CA05BB39
If you already know my old key, you can now verify that the new key is
signed by the old one:
gpg --check-sigs 0xC0EE0613CA05BB39
Please contact me at <mzet@owasp.org> if you have any questions, or problems, and sorry for the inconvenience.
Mariusz Ziulek
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEETaFilq0wWHV/NuyaCamMIqUT1nMFAlmaHLoACgkQCamMIqUT
1nNVWg/9GDh4rUJTZE8XJL0f5IuPhWpiAN+miiZJ4O/RD3rE6oGuMpGCcBxg2ZHr
mpQVHGSUrPyGxmLMqnKgeYh9v32ry0CvfmusqW6p6l7X3Hcnn3ZebpM/D/9d2XK6
fhmnX+Zrx+TXrz1tmr/vszbf9KhwL4WiPPS9ECgIQEYohL8it6vcWSO/oRuLLFkD
4vmHKFDgvWcux3W3ZgIHI1IZ7KdwbwUqQUXwIulUxscl5LLtHqk9+q/ZdnNPfzP3
dRa6hhB33T2e71t9ACu5L2GHaz0Lz4oJs4Gade7J7M+9EUYMN06YSLKhQGOrGMzp
TEhd0UuR9fkB3uhakffriO+TgnCz2ByanyTUIxXutn7w+HVbRUm4QQN6FZIPPRTl
t3ooxuf3slvHERB8p8et++I0antoVmmx1n5BIakSY7W1cfLeHQhUcETa425xy8A4
Xa/ecyZqFiI8nr29ORBP5Q66Fxt8OVkLvV/9+AIuy+ue763BiO47oGxfa03CVmXh
PVywbdSj9MBri7geRgi1tRg2kZJBLU0f8nWYdEb0d4NFviwOweMtUa8H4NKGXSXv
eP8RRJlOKWSAhWn3PUORvzwwtgEI2t5/VsYKkcTOo1HW2XuMWhiv0wwpfS4Eibs/
YYL3yAiYwsuTDk+StNHIJ6IA07D02YVeO6ov9TLTywZQJ5MsRseJAjMEAQEKAB0W
IQQplrcmwn331pFiSicRpiRZLK8WMgUCWZocugAKCRARpiRZLK8WMrKBD/sGc1Kv
jjhENxhh8T0dau3zjTY+cXspeeeGb3r3Mp4i9Tk3HaCpNCiPMzISayAGQ/RR8j+T
Km0u7TPsQD4tSbBDQ+EnhWTqIJs8/VEf52/0wiJXmSjV2xCt/Clmlyx1fWMMQDDL
tZdqGcEDpL0qXU8k/EywD2sROhOXWh/TPBK7O1jmAztT5ES3vAMNvnbxP8D1JIVa
PMF2WVeALnGtL1+kz39NV4ZtP+RtGsh6XxZ3voTN4qBKIPbS0hC+tbSz5YbKbAGQ
17wa4tiXCYs17Splt43ubyJJrUGxLVvJShX/JgzDl3a/2O8YgaW7cNDtX1Jqwfc4
4bhnayKkvOwNlhTs/3uRLydaPkA3e7g2dH64heFWAa2NLcjkqp3y5y0+Aa9IEWX3
jghIDeGRnJeLyzb52jsvGUykAp0JtTPgYHrwbnAc8iSXGZnDbDvFtUvLV4zfT+xw
hldLIcuNg/WEpmbtgYmQgVxcUqk5llN75dnKtp7L7Pav8QgnN54jtQCMwG/WY2rk
B9uVgr9qfH36tJJEjUTR1r+IlZoN3MD1tiejBcrfwVkOJRKfQbHTmcaJv1+x1l07
7/XD1YGzs9z9IlW8IloTEIIikl1DbT90CbWzmrus4I9jJ+T6y4sFp065bjof9Iaz
4lqrPp8Ih8J8jrAI1qDoW9bTQkhAYt3hZINjXQ==
=TAjz
-----END PGP SIGNATURE-----
@mzet-

This comment has been minimized.

Copy link
Owner Author

commented Aug 20, 2017

To verify the signatures on the above transition statement one can run:

$ curl https://gist.githubusercontent.com/mzet-/f2305a4796006f2bf16c4e121439f74c/raw/40ce1b1b66357d4fec2d3bc6f6eeaa925ce280a3/mzet-pgp-key-transistion.txt | gpg --verify
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.