3.5 KiB
| categories | comments | date | layout | tags | title | |||||
|---|---|---|---|---|---|---|---|---|---|---|
|
true | 2015-06-07 14:39:58+0200 | page |
|
GPG transition statement |
(Inspired by http://viccuad.me/blog/GPG-transition-statement/)
This exact same text can be found at this location.
{% highlight %} -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Sun Jun 7 14:12:39 CEST 2015
For a number of reasons, i've recently set up a new OpenPGP key, and will be transitioning away from my old one.
The old key will continue to be valid for some time, but i prefer all future correspondence to come to the new one. I would also like this new key to be re-integrated into the web of trust. This message is signed by both keys to certify the transition.
the old key was:
pub rsa4096/6E1A4E79 2009-05-11 Key fingerprint = CBD6 EEE3 7132 027A A237 9659 013F A50B 6E1A 4E79
And the new key is:
pub rsa4096/A29D259B 2015-06-05 [expires: 2016-06-04] Key fingerprint = DBC1 07DC 8601 B275 835F 9178 FBE5 5AED A29D 259B
To fetch the full key (including a photo uid, which is commonly stripped by public keyservers), you can get it with:
wget -q -O- https://www.dennogumi.org/A29D259B.txt | gpg --import -
Or, to fetch my new key from a public key server, you can simply do:
gpg --keyserver pgp.mit.edu --recv-key A29D259B
If you already know my old key, you can now verify that the new key is signed by the old one:
gpg --check-sigs A29D259B
If you don't already know my old key, or you just want to be double extra paranoid, you can check the fingerprint against the one above:
gpg --fingerprint A29D259B
If you are satisfied that you've got the right key, and the UIDs match what you expect, I'd appreciate it if you would sign my key:
gpg --sign-key A29D259B
Lastly, if you could upload these signatures, i would appreciate it. You can either send me an e-mail with the new signatures (if you have a functional MTA on your system):
gpg --armor --export A29D259B | mail -s 'OpenPGP Signatures' lbeltrame at kde.org
Or you can just upload the signatures to a public keyserver directly:
gpg --keyserver pgp.mit.edu --send-key A29D259B
Please let me know if there is any trouble, and sorry for the inconvenience.
Regards, Luca Beltrame -----BEGIN PGP SIGNATURE----- Version: GnuPG v2
iQIcBAEBCgAGBQJVdDmaAAoJEAE/pQtuGk55uKoP/1orTlEgSNC7HCIJECkkBxqR F64VMegugEFIe2nUyTf13wjtMDXluCy6hpY7+3iaOAHfMFBCOlPe0INrUTiuqwir GnP/PQyzXU41yDqd7ytvNKqV8UkkW6NBcL7vCx810zSbnxpSV5L1N8dDy3GG5ZkE iUm5AH+JJHzZGA7Cn90aA5VcemGCTu5buoJTu2rWWU4ahm3WMHnpuUsYP2mCNnU3 EOc94jlayqiLUTsnjTbpiPbJ7mcxBoufhjg1RHI5uK9BU5db8aUI619nGlTdvHHE pZ4rXYWJqAhjeuDPmAk8poIeITi8qdiY5W5UibajhV2OchAuyOBGYv/Cddx36Xnk rUyxlupZsWXriqo79+DgXsVjTgzBjCpkz+QVnBlq3rboXpgpCh6mZWoECGPBj8dN E0uqsO5CmDxwYv1Yv3EpTvn2rf00pKEAUTq6cfEZAZ7ZhZih7XQdB4qlve4GD8M0 42wQUpFiyRiV0WrXEjN/EyrI0CiY9Rt/wNj+JLKC7NhELyC0q4oRzjvYCJdZHMhH ydM8YiyWVOLUX5b3Y5xqlmRwPQydmjrGv2NAI7y4z0k1yc9pn/K4m5z2sxTunmQk jaYxQ5DkQMpoSxaIYxmAYC5vjAa7U5nlg43sfiaQHa2RCUu+THTwFJaBOd0qYR7P I++SIct+OFU9lnwQkjgyiQEcBAEBCgAGBQJVdDmcAAoJEEDIKBSTsBwWBw4H/RBP 40aLWMqRX3imEIg3jCBmtj9fsPn3OM+D8drF1v5vq2cQHGZcwqLnnaxP9KrZA06A 5/o0ofuqY5dg4jukPWjvqx6hsUlUbEpcJVV9eg0XIlmluaUPc6eVopLJOL0bhYi8 2zk4GLZiiGt7asoJ/rjhQg0BR4aajNALw1wF1pk4oQlm68M5PfjDu9voEd6vg6nv tILBnEGzJjgiOnXHzHcld7+MG1Kut9EmFNTNNgDasLw7HenGTHt9G/rJq5mSwPZY 0Btd7yJ/cbBlCmyC3OIViN2bd+gCeF5HYtVNyMomMaM/0yunqi9ioMxWFaGrmY1d JJF3TtQUDXrgOoXUlD0= =4Yho -----END PGP SIGNATURE----- {% endhighlight %}