GPG Key Transition

Category: Ubuntu

For a number of reasons, I've recently set up a new OpenPGP key, and
will be transitioning away from my old one.

The old key will continue to be valid for some time, but I prefer all
future correspondence to come to the new one. I would also like this
new key to be re-integrated into the web of trust.  This message is
also available signed by both keys to certify the transition at:
files.glatzor.de/gnupg/transition-CF982D18.txt.asc

The old key was:

    pub   1024D/934C22D5 2006-09-11
          Key fingerprint = 1005 044E 8956 38A0 95B2  B004 7AE8 E8AC 934C 22D5

And the new key is:

    pub   2048R/CF982D18 2011-01-03
          Key fingerprint = D0BF 65B7 DBE2 8DB6 2BED  BF1B 683C 53C7 CF98 2D18
   
To fetch the full key, you can get it with::

      wget -q -O- files.glatzor.de/gnupg/CF982D18.asc | gpg --import -
   
Or, to fetch my new key from a public key server, you can simply do::

      gpg --keyserver subkeys.pgp.net --recv-key CF982D18
   
If you already know my old key, you can now verify that the new key is
signed by the old one:

      gpg --check-sigs CF982D18
   
If you don't already know my old key, or you just want to be double
extra paranoid, you can check the fingerprint against the one above:

      gpg --fingerprint CF982D18
   
If you are satisfied that you've got the right key, and the UIDs match
what you expect, I'd appreciate it if you would sign my key:

      gpg --sign-key CF982D18

Lastly, if you could upload these signatures, i would appreciate it.
You can either send me an e-mail with the new signatures (if you have
a functional MTA on your system)::

      gpg --armor --export CF982D18 | mail -s 'OpenPGP Signatures' sebi@glatzor.de

Or you can just upload the signatures to a public keyserver directly::

      gpg --keyserver subkeys.pgp.net --send-key CF982D18

Please let me know if there is any trouble, and sorry for the
inconvenience.

Thanks!

<- Back to: Blog