«
»

GPG Key Migration

As a follow-up to my earlier post regarding vanity keys, I figured I may as well make use of (at least one of) them. On that note, I’m migrating to a new key! This is actually really good timing, because there’s a key-signing tomorrow at the local LUG. Most of my signatures came from the last one of these I attended (same group of people, too).

Here’s my signed transition notice:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1,SHA256

Tue, 10 Sep 2013 22:50:36 -0400

I have recently created a new GnuPG key, and will be transitioning away
from my old one.

The old key will continue to be valid for some time, but in the future,
I will be only utilising the new key. I would also like this new key to
be re-integrated into the web of trust. This message is signed by both
keys to certify the transition

My old key was:

pub   1024D/04EDC4B1 2000-09-09
      Key fingerprint = 66F1 0E8F F471 EB6F 731F  BEA7 34BE 6C90 04ED C4B1

And my new key is:

pub   4096R/72727212 2013-07-12
      Key fingerprint = A3B6 887C D6DA 724E DED9  34B4 741E F7EB 7272 7212

The new key has been uploaded to the public key servers and can be
retrieved by using, eg.:

    gpg --keyserver pgp.mit.edu --recv-key 72727212

If you already know my old key, you can now verify that the new key is
signed by the old one:

    gpg --check-sigs 72727212

If you are satisfied that you've got the right key, and the UIDs match
what you expect, I'd appreciate it if you would sign my key:

    gpg --sign-key 72727212

Lastly, if you could upload these signatures, I would appreciate it.
You can either send me an e-mail with the new signatures:

    gpg --armor --export 72727212 | mail -s 'GPG Signatures' orion@parsed.net

Or you can just upload the signatures to a public keyserver directly:

    gpg --keyserver pgp.mit.edu --send-key 72727212

Please let me know if there is any trouble.

Thanks,
Aaron Haviland

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)

iEYEARECAAYFAlIv3JUACgkQNL5skATtxLHQDwCglxuJnGmO2HtBsXSa9atBY7dy
m1gAoLdvHB5Q8gaATdomdWstCWPrQNrAiQIcBAEBCAAGBQJSL9yVAAoJEELKuWrQ
G/b9QEkQANOYlFp2FqG4Vmr87NNvZJpLx+XmWDVcSofF9MdP7CmCB8ReYgZBttb7
LgSEIQ7wx6oetbNpOxTJwbJ9KfxZ7HXtVadM59EYvgdEidlM4dEU0iICy+ih5/eD
jShIcD4KO/6CQdqOzW6nGtIzIclhJxvb7nXC/MVHMFV5MF+IGCJyV6yHXsozuvva
9qkIhEpRNQHQnzV09vMZKtZ0ie5JQzutgDIWcSNWsbOGZz9otXq2+J9+9KEprl4U
tsq6GL42L15FcOy4/InQtYHzGp6mr8lYhcIW9icApXB9SxlS1VvB1aERvKhSAX9N
Oysu5+7jA6PCVNOFjfC+UykPPkBUqltmeEvjboVr5epSsERIXLtg2wuSgpfR+C//
r2VnG1yWS+GQ6KJOPmjdtvNgPD5OKriZ1HkmgLUZxDVtbAG2Qgqrjiy+O4HetM30
cXcQDOOGX648b+/FoVwkHEu+9jiewpHk5/K0bliAWScvk4Be1yy/NgPG5ARcykEW
E3ZsjBDRVbc88Jke+jkf9OajF+If797GL6nID+/s1d1Hr90PVtC8neuhR7OIyzLk
VAheQe/gdZ8vX9rMQU+C7Fgbf39qCNAQlWrrvcxdtDNboFxOtZFcwdjyZPlb2p/s
9Y+1J4RLbiX1doG6CN1XaNkIX53NxWBpyFmFAB8v3ddrDT+P5R0I
=KyiD
-----END PGP SIGNATURE-----

This entry was posted on Tuesday, September 10th, 2013 at 11:04 pm by Aaron Haviland. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

Comments are closed.