New post: "GPG transition statement"

2015-06-07 14:43:32 +02:00 · 2015-06-07 14:43:32 +02:00 · cb651a9629
commit cb651a9629
parent f9cc216423
1 changed files with 105 additions and 0 deletions
--- a/_posts/2015-06-07-gpg-transition-statement.markdown
+++ b/_posts/2015-06-07-gpg-transition-statement.markdown
@ -0,0 +1,105 @@
+---
+categories:
+- General
+- Linux
+comments: true
+date: 2015-06-07 14:39:58+0200
+layout: page
+tags:
+- gpg
+- key
+- blog
+title: GPG transition statement
+---
+
+(Inspired by <http://viccuad.me/blog/GPG-transition-statement/>)
+
+This exact same text can be found at [this location](https://www.dennogumi.org/transition-statement-2015-06-15.txt).
+
+````
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA512
+
+Sun Jun  7 14:12:39 CEST 2015
+
+For a number of reasons, i've recently set up a new OpenPGP key, and
+will be transitioning away from my old one.
+
+The old key will continue to be valid for some time, but i prefer all
+future correspondence to come to the new one.  I would also like this
+new key to be re-integrated into the web of trust.  This message is
+signed by both keys to certify the transition.
+
+the old key was:
+
+pub   rsa4096/6E1A4E79 2009-05-11
+      Key fingerprint = CBD6 EEE3 7132 027A A237  9659 013F A50B 6E1A 4E79
+
+And the new key is:
+
+pub   rsa4096/A29D259B 2015-06-05 [expires: 2016-06-04]
+      Key fingerprint = DBC1 07DC 8601 B275 835F  9178 FBE5 5AED A29D 259B
+
+To fetch the full key (including a photo uid, which is commonly
+stripped by public keyservers), you can get it with:
+
+  wget -q -O- https://www.dennogumi.org/A29D259B.txt | gpg --import -
+
+Or, to fetch my new key from a public key server, you can simply do:
+
+  gpg --keyserver pgp.mit.edu --recv-key A29D259B
+
+If you already know my old key, you can now verify that the new key is
+signed by the old one:
+
+  gpg --check-sigs A29D259B
+
+If you don't already know my old key, or you just want to be double
+extra paranoid, you can check the fingerprint against the one above:
+
+  gpg --fingerprint A29D259B
+
+If you are satisfied that you've got the right key, and the UIDs match
+what you expect, I'd appreciate it if you would sign my key:
+
+  gpg --sign-key A29D259B
+
+Lastly, if you could upload these signatures, i would appreciate it.
+You can either send me an e-mail with the new signatures (if you have
+a functional MTA on your system):
+
+  gpg --armor --export A29D259B | mail -s 'OpenPGP Signatures' lbeltrame at kde.org
+
+Or you can just upload the signatures to a public keyserver directly:
+
+  gpg --keyserver pgp.mit.edu --send-key A29D259B
+
+Please let me know if there is any trouble, and sorry for the
+inconvenience.
+
+Regards,
+        Luca Beltrame
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2
+
+iQIcBAEBCgAGBQJVdDmaAAoJEAE/pQtuGk55uKoP/1orTlEgSNC7HCIJECkkBxqR
+F64VMegugEFIe2nUyTf13wjtMDXluCy6hpY7+3iaOAHfMFBCOlPe0INrUTiuqwir
+GnP/PQyzXU41yDqd7ytvNKqV8UkkW6NBcL7vCx810zSbnxpSV5L1N8dDy3GG5ZkE
+iUm5AH+JJHzZGA7Cn90aA5VcemGCTu5buoJTu2rWWU4ahm3WMHnpuUsYP2mCNnU3
+EOc94jlayqiLUTsnjTbpiPbJ7mcxBoufhjg1RHI5uK9BU5db8aUI619nGlTdvHHE
+pZ4rXYWJqAhjeuDPmAk8poIeITi8qdiY5W5UibajhV2OchAuyOBGYv/Cddx36Xnk
+rUyxlupZsWXriqo79+DgXsVjTgzBjCpkz+QVnBlq3rboXpgpCh6mZWoECGPBj8dN
+E0uqsO5CmDxwYv1Yv3EpTvn2rf00pKEAUTq6cfEZAZ7ZhZih7XQdB4qlve4GD8M0
+42wQUpFiyRiV0WrXEjN/EyrI0CiY9Rt/wNj+JLKC7NhELyC0q4oRzjvYCJdZHMhH
+ydM8YiyWVOLUX5b3Y5xqlmRwPQydmjrGv2NAI7y4z0k1yc9pn/K4m5z2sxTunmQk
+jaYxQ5DkQMpoSxaIYxmAYC5vjAa7U5nlg43sfiaQHa2RCUu+THTwFJaBOd0qYR7P
+I++SIct+OFU9lnwQkjgyiQEcBAEBCgAGBQJVdDmcAAoJEEDIKBSTsBwWBw4H/RBP
+40aLWMqRX3imEIg3jCBmtj9fsPn3OM+D8drF1v5vq2cQHGZcwqLnnaxP9KrZA06A
+5/o0ofuqY5dg4jukPWjvqx6hsUlUbEpcJVV9eg0XIlmluaUPc6eVopLJOL0bhYi8
+2zk4GLZiiGt7asoJ/rjhQg0BR4aajNALw1wF1pk4oQlm68M5PfjDu9voEd6vg6nv
+tILBnEGzJjgiOnXHzHcld7+MG1Kut9EmFNTNNgDasLw7HenGTHt9G/rJq5mSwPZY
+0Btd7yJ/cbBlCmyC3OIViN2bd+gCeF5HYtVNyMomMaM/0yunqi9ioMxWFaGrmY1d
+JJF3TtQUDXrgOoXUlD0=
+=4Yho
+-----END PGP SIGNATURE-----
+````