Last active
January 5, 2018 10:14
-
-
Save widhalmt/7a0baab1844a594823a5234ca511a343 to your computer and use it in GitHub Desktop.
key-transition-2018-01-05
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
-----BEGIN PGP SIGNED MESSAGE----- | |
Hash: SHA512 | |
Fri Jan 5 10:40:08 CET 2018 | |
For a number of reasons, I've recently set up a new OpenPGP key, and | |
will be transitioning away from my old one. | |
The old key will continue to be valid for some time, but I prefer all | |
future correspondence to come to the new one. I would also like this | |
new key to be re-integrated into the web of trust. This message is | |
signed by both keys to certify the transition. | |
The old key was: | |
pub 1024D/6265BAE6 2005-10-26 [expires: 2019-10-10] | |
Key fingerprint = 4A68 545B F2AE 18CC E8E9 E61F 91B8 ECDC 6265 BAE6 | |
And the new key is: | |
pub 4096R/A84CB603 2014-03-05 [expires: 2019-03-04] | |
Key fingerprint = B50D AF2B 22A6 94E8 C195 9C89 DAAC 19AE A84C B603 | |
To fetch the full key from a public key server, you can simply do: | |
gpg --keyserver keys.gnupg.net --recv-key A84CB603 | |
If you already know my old key, you can now verify that the new key is | |
signed by the old one: | |
gpg --check-sigs A84CB603 | |
If you don't already know my old key, or you just want to be double | |
extra paranoid, you can check the fingerprint against the one above: | |
gpg --fingerprint A84CB603 | |
If you are satisfied that you've got the right key, and the UIDs match | |
what you expect, I'd appreciate it if you would sign my key: | |
gpg --sign-key A84CB603 | |
Lastly, if you could upload these signatures, I would appreciate it. | |
You can either export them to a cleartext file and send me an e-mail | |
with the new signatures: | |
gpg --armor --export A84CB603 > A84CB603.asc | |
Or you can just upload the signatures to a public keyserver directly: | |
gpg --keyserver keys.gnupg.net --send-key A84CB603 | |
If you could to both it would be highly appreciated. | |
If I signed your key with my old key and you want to have a signature | |
from my new one, just let me know in a signed e-mail or text file | |
signed by your old key. I will upload your signed key to a keyserver | |
and send it to you by e-mail unless you tell me not to. | |
Please let me know if there is any trouble, and sorry for the | |
inconvenience. | |
Regards, | |
Thomas Widhalm | |
-----BEGIN PGP SIGNATURE----- | |
iEYEAREKAAYFAlpPTjsACgkQkbjs3GJluua50ACfXvMsCl+MG7MDTDWnkQy0DrWe | |
XDsAnRoit21rO1ZZgsnYg7b72lDXOgOLiQIcBAEBCgAGBQJaT047AAoJENqsGa6o | |
TLYDm1YP/RI8l1USrplxM51pvgtDKMopuIpMb/gJCfg5F1dOat+UVZfhklCUGrU0 | |
zRzoBfytuNZGDo18QoSqLeTdMUEc36JpdVEy/GZGqjc4GXen0cGvz00J+0MefoXy | |
SIDyTLWubI9Ixbw48urcppZ2UHBw/1CZqwvM3Oo+8j3GgoV1Wpce1IQBij77bubQ | |
7MGIK14YnaGJQ/ITBbBjz9X9g2q8NmFcrdBFzVnbWE25/JJWhgw5wHBworO20sjl | |
Vxvl5DlorEKNIWFmlAw+hfeKSrgG4geFrMdsEgUhe/Ci5hBfmUjr/Ix1VyLwF3P0 | |
aDzkbG+1TluLmEmH0QuUTgZXX2ohpNyJGZlETq3Ixtsmm0v9Qb76od9BEQ6PsgS4 | |
/NhUzkjjCfPcfSH9LRRrYO3IRLbDj3yRSBoC6ISnsMx2tDTw5ELl1hU7EUw5E+39 | |
9HeN72QtnU/QAuTWPoIB3tK0UhwHvZVqRCxVARsfXI5iPSSc7hLueaUpnJOiVlv3 | |
q2or5NtMZolkY1S0QT0HClUgCRlycBINNL2vohalrzxKqU6Mh8BpigR4zFlYD2c0 | |
7Tr5qY7UA2QI7WpFIbX8h6SzZow4lFMjOtFfpRUadKZkgIS6jvpa1Ql2sy0Tldnu | |
oJKEbGOCemhJXOlr7rFU9iIlx93QtfpWE4JMiM0nLy9k3ytBqG2x | |
=XS9Q | |
-----END PGP SIGNATURE----- |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment