widhalmt/key-transition-2018-01-05.txt.asc

## key-transition-2018-01-05.txt.asc
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Fri Jan  5 10:40:08 CET 2018

For a number of reasons, I've recently set up a new OpenPGP key, and
will be transitioning away from my old one.

The old key will continue to be valid for some time, but I prefer all
future correspondence to come to the new one.  I would also like this
new key to be re-integrated into the web of trust.  This message is
signed by both keys to certify the transition.

The old key was:

pub   1024D/6265BAE6 2005-10-26 [expires: 2019-10-10]
      Key fingerprint = 4A68 545B F2AE 18CC E8E9  E61F 91B8 ECDC 6265 BAE6

And the new key is:

pub   4096R/A84CB603 2014-03-05 [expires: 2019-03-04]
      Key fingerprint = B50D AF2B 22A6 94E8 C195  9C89 DAAC 19AE A84C B603

To fetch the full key from a public key server, you can simply do:

  gpg --keyserver keys.gnupg.net --recv-key A84CB603

If you already know my old key, you can now verify that the new key is
signed by the old one:

  gpg --check-sigs A84CB603

If you don't already know my old key, or you just want to be double
extra paranoid, you can check the fingerprint against the one above:

  gpg --fingerprint A84CB603

If you are satisfied that you've got the right key, and the UIDs match
what you expect, I'd appreciate it if you would sign my key:

  gpg --sign-key A84CB603

Lastly, if you could upload these signatures, I would appreciate it.
You can either export them to a cleartext file and send me an e-mail
with the new signatures:

  gpg --armor --export A84CB603 > A84CB603.asc

Or you can just upload the signatures to a public keyserver directly:

  gpg --keyserver keys.gnupg.net --send-key A84CB603

If you could to both it would be highly appreciated.

If I signed your key with my old key and you want to have a signature
from my new one, just let me know in a signed e-mail or text file
signed by your old key. I will upload your signed key to a keyserver
and send it to you by e-mail unless you tell me not to.

Please let me know if there is any trouble, and sorry for the
inconvenience.

Regards,

	Thomas Widhalm
-----BEGIN PGP SIGNATURE-----

iEYEAREKAAYFAlpPTjsACgkQkbjs3GJluua50ACfXvMsCl+MG7MDTDWnkQy0DrWe
XDsAnRoit21rO1ZZgsnYg7b72lDXOgOLiQIcBAEBCgAGBQJaT047AAoJENqsGa6o
TLYDm1YP/RI8l1USrplxM51pvgtDKMopuIpMb/gJCfg5F1dOat+UVZfhklCUGrU0
zRzoBfytuNZGDo18QoSqLeTdMUEc36JpdVEy/GZGqjc4GXen0cGvz00J+0MefoXy
SIDyTLWubI9Ixbw48urcppZ2UHBw/1CZqwvM3Oo+8j3GgoV1Wpce1IQBij77bubQ
7MGIK14YnaGJQ/ITBbBjz9X9g2q8NmFcrdBFzVnbWE25/JJWhgw5wHBworO20sjl
Vxvl5DlorEKNIWFmlAw+hfeKSrgG4geFrMdsEgUhe/Ci5hBfmUjr/Ix1VyLwF3P0
aDzkbG+1TluLmEmH0QuUTgZXX2ohpNyJGZlETq3Ixtsmm0v9Qb76od9BEQ6PsgS4
/NhUzkjjCfPcfSH9LRRrYO3IRLbDj3yRSBoC6ISnsMx2tDTw5ELl1hU7EUw5E+39
9HeN72QtnU/QAuTWPoIB3tK0UhwHvZVqRCxVARsfXI5iPSSc7hLueaUpnJOiVlv3
q2or5NtMZolkY1S0QT0HClUgCRlycBINNL2vohalrzxKqU6Mh8BpigR4zFlYD2c0
7Tr5qY7UA2QI7WpFIbX8h6SzZow4lFMjOtFfpRUadKZkgIS6jvpa1Ql2sy0Tldnu
oJKEbGOCemhJXOlr7rFU9iIlx93QtfpWE4JMiM0nLy9k3ytBqG2x
=XS9Q
-----END PGP SIGNATURE-----
	-----BEGIN PGP SIGNED MESSAGE-----
	Hash: SHA512

	Fri Jan 5 10:40:08 CET 2018

	For a number of reasons, I've recently set up a new OpenPGP key, and
	will be transitioning away from my old one.

	The old key will continue to be valid for some time, but I prefer all
	future correspondence to come to the new one. I would also like this
	new key to be re-integrated into the web of trust. This message is
	signed by both keys to certify the transition.

	The old key was:

	pub 1024D/6265BAE6 2005-10-26 [expires: 2019-10-10]
	Key fingerprint = 4A68 545B F2AE 18CC E8E9 E61F 91B8 ECDC 6265 BAE6

	And the new key is:

	pub 4096R/A84CB603 2014-03-05 [expires: 2019-03-04]
	Key fingerprint = B50D AF2B 22A6 94E8 C195 9C89 DAAC 19AE A84C B603

	To fetch the full key from a public key server, you can simply do:

	gpg --keyserver keys.gnupg.net --recv-key A84CB603

	If you already know my old key, you can now verify that the new key is
	signed by the old one:

	gpg --check-sigs A84CB603

	If you don't already know my old key, or you just want to be double
	extra paranoid, you can check the fingerprint against the one above:

	gpg --fingerprint A84CB603

	If you are satisfied that you've got the right key, and the UIDs match
	what you expect, I'd appreciate it if you would sign my key:

	gpg --sign-key A84CB603

	Lastly, if you could upload these signatures, I would appreciate it.
	You can either export them to a cleartext file and send me an e-mail
	with the new signatures:

	gpg --armor --export A84CB603 > A84CB603.asc

	Or you can just upload the signatures to a public keyserver directly:

	gpg --keyserver keys.gnupg.net --send-key A84CB603

	If you could to both it would be highly appreciated.

	If I signed your key with my old key and you want to have a signature
	from my new one, just let me know in a signed e-mail or text file
	signed by your old key. I will upload your signed key to a keyserver
	and send it to you by e-mail unless you tell me not to.

	Please let me know if there is any trouble, and sorry for the
	inconvenience.

	Regards,

	Thomas Widhalm
	-----BEGIN PGP SIGNATURE-----

	iEYEAREKAAYFAlpPTjsACgkQkbjs3GJluua50ACfXvMsCl+MG7MDTDWnkQy0DrWe
	XDsAnRoit21rO1ZZgsnYg7b72lDXOgOLiQIcBAEBCgAGBQJaT047AAoJENqsGa6o
	TLYDm1YP/RI8l1USrplxM51pvgtDKMopuIpMb/gJCfg5F1dOat+UVZfhklCUGrU0
	zRzoBfytuNZGDo18QoSqLeTdMUEc36JpdVEy/GZGqjc4GXen0cGvz00J+0MefoXy
	SIDyTLWubI9Ixbw48urcppZ2UHBw/1CZqwvM3Oo+8j3GgoV1Wpce1IQBij77bubQ
	7MGIK14YnaGJQ/ITBbBjz9X9g2q8NmFcrdBFzVnbWE25/JJWhgw5wHBworO20sjl
	Vxvl5DlorEKNIWFmlAw+hfeKSrgG4geFrMdsEgUhe/Ci5hBfmUjr/Ix1VyLwF3P0
	aDzkbG+1TluLmEmH0QuUTgZXX2ohpNyJGZlETq3Ixtsmm0v9Qb76od9BEQ6PsgS4
	/NhUzkjjCfPcfSH9LRRrYO3IRLbDj3yRSBoC6ISnsMx2tDTw5ELl1hU7EUw5E+39
	9HeN72QtnU/QAuTWPoIB3tK0UhwHvZVqRCxVARsfXI5iPSSc7hLueaUpnJOiVlv3
	q2or5NtMZolkY1S0QT0HClUgCRlycBINNL2vohalrzxKqU6Mh8BpigR4zFlYD2c0
	7Tr5qY7UA2QI7WpFIbX8h6SzZow4lFMjOtFfpRUadKZkgIS6jvpa1Ql2sy0Tldnu
	oJKEbGOCemhJXOlr7rFU9iIlx93QtfpWE4JMiM0nLy9k3ytBqG2x
	=XS9Q
	-----END PGP SIGNATURE-----