Instantly share code, notes, and snippets.

Embed
What would you like to do?
key-transition-2018-01-05
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Fri Jan 5 10:40:08 CET 2018
For a number of reasons, I've recently set up a new OpenPGP key, and
will be transitioning away from my old one.
The old key will continue to be valid for some time, but I prefer all
future correspondence to come to the new one. I would also like this
new key to be re-integrated into the web of trust. This message is
signed by both keys to certify the transition.
The old key was:
pub 1024D/6265BAE6 2005-10-26 [expires: 2019-10-10]
Key fingerprint = 4A68 545B F2AE 18CC E8E9 E61F 91B8 ECDC 6265 BAE6
And the new key is:
pub 4096R/A84CB603 2014-03-05 [expires: 2019-03-04]
Key fingerprint = B50D AF2B 22A6 94E8 C195 9C89 DAAC 19AE A84C B603
To fetch the full key from a public key server, you can simply do:
gpg --keyserver keys.gnupg.net --recv-key A84CB603
If you already know my old key, you can now verify that the new key is
signed by the old one:
gpg --check-sigs A84CB603
If you don't already know my old key, or you just want to be double
extra paranoid, you can check the fingerprint against the one above:
gpg --fingerprint A84CB603
If you are satisfied that you've got the right key, and the UIDs match
what you expect, I'd appreciate it if you would sign my key:
gpg --sign-key A84CB603
Lastly, if you could upload these signatures, I would appreciate it.
You can either export them to a cleartext file and send me an e-mail
with the new signatures:
gpg --armor --export A84CB603 > A84CB603.asc
Or you can just upload the signatures to a public keyserver directly:
gpg --keyserver keys.gnupg.net --send-key A84CB603
If you could to both it would be highly appreciated.
If I signed your key with my old key and you want to have a signature
from my new one, just let me know in a signed e-mail or text file
signed by your old key. I will upload your signed key to a keyserver
and send it to you by e-mail unless you tell me not to.
Please let me know if there is any trouble, and sorry for the
inconvenience.
Regards,
Thomas Widhalm
-----BEGIN PGP SIGNATURE-----
iEYEAREKAAYFAlpPTjsACgkQkbjs3GJluua50ACfXvMsCl+MG7MDTDWnkQy0DrWe
XDsAnRoit21rO1ZZgsnYg7b72lDXOgOLiQIcBAEBCgAGBQJaT047AAoJENqsGa6o
TLYDm1YP/RI8l1USrplxM51pvgtDKMopuIpMb/gJCfg5F1dOat+UVZfhklCUGrU0
zRzoBfytuNZGDo18QoSqLeTdMUEc36JpdVEy/GZGqjc4GXen0cGvz00J+0MefoXy
SIDyTLWubI9Ixbw48urcppZ2UHBw/1CZqwvM3Oo+8j3GgoV1Wpce1IQBij77bubQ
7MGIK14YnaGJQ/ITBbBjz9X9g2q8NmFcrdBFzVnbWE25/JJWhgw5wHBworO20sjl
Vxvl5DlorEKNIWFmlAw+hfeKSrgG4geFrMdsEgUhe/Ci5hBfmUjr/Ix1VyLwF3P0
aDzkbG+1TluLmEmH0QuUTgZXX2ohpNyJGZlETq3Ixtsmm0v9Qb76od9BEQ6PsgS4
/NhUzkjjCfPcfSH9LRRrYO3IRLbDj3yRSBoC6ISnsMx2tDTw5ELl1hU7EUw5E+39
9HeN72QtnU/QAuTWPoIB3tK0UhwHvZVqRCxVARsfXI5iPSSc7hLueaUpnJOiVlv3
q2or5NtMZolkY1S0QT0HClUgCRlycBINNL2vohalrzxKqU6Mh8BpigR4zFlYD2c0
7Tr5qY7UA2QI7WpFIbX8h6SzZow4lFMjOtFfpRUadKZkgIS6jvpa1Ql2sy0Tldnu
oJKEbGOCemhJXOlr7rFU9iIlx93QtfpWE4JMiM0nLy9k3ytBqG2x
=XS9Q
-----END PGP SIGNATURE-----
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment