[op25-dev] PGP key change

Steve Glass stevie.glass at gmail.com
Wed Aug 14 11:34:06 UTC 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Date:2013-08-14

For a number of reasons[0], I've recently changed my email provider
and set up a new OpenPGP key. As a result I shall be immediately
transitioning away from my ten-year old PGP key.

The old key will be revoked very soon, and so I would like all future
correspondence to use the new one.  I would also like this new key to
be re-integrated into the web of trust.  This message is signed by
both keys to certify the transition.

The old key was:

pub   1024D/AE445B2E 2004-10-25
      Key fingerprint = E27B 3AF7 C367 74C2 FFF0  40B7 5BB6 809B AE44 5B2E

and the new key is:

pub   4096R/0E7A0087 2013-08-14
      Key fingerprint = AB4C DD88 559B B3AC DF63  DC76 AE2F F214 0E7A 0087

To fetch the full key from a public key server, you can simply do:

  gpg --keyserver keys.riseup.net --recv-key 0E7A0087

If you already know my old key, you can now verify that the new key is
signed by the old one:

  gpg --check-sigs 0E7A0087

If you don't already know my old key, or you just want to be extra
sure, you can check the fingerprint against the one above:

  gpg --fingerprint 0E7A0087

If you are satisfied that you've got the right key, and the UIDs match
what you expect, I'd appreciate it if you would sign my key. You can
do that by issuing the following command:

**
NOTE: if you have previously signed my key but did a local-only
signature (lsign), you will not want to issue the following, instead
you will want to use --lsign-key, and not send the signatures to the
keyserver
**

  gpg --sign-key 0E7A0087

I'd like to receive your signatures on my key. You can either send me
an e-mail with the new signatures (if you have a functional MTA on
your system):

  gpg --export 0E7A0087 | gpg --encrypt -r 0E7A0087 --armor | mail -s
'OpenPGP Signatures' <smg at hush.com>


Additionally, I highly recommend that you implement a mechanism to keep
your key
material up-to-date so that you obtain the latest revocations, and other
updates
in a timely manner.

I also highly recommend checking out the excellent Riseup GPG best
practices doc, from which I stole most of the text for this transition
message ;-)

https://we.riseup.net/riseuplabs+paow/openpgp-best-practices

Please let me know if you have any questions, or problems, and sorry
for the inconvenience.

Steve Glass

0. https://www.debian-administration.org/users/dkg/weblog/48

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)

iEYEARECAAYFAlILarcACgkQW7aAm65EWy7Y3ACgu55BvaS59A3l41uDsXkrIUMi
a7AAmwTlctyIdAWDj7vXH9InucqIqGlMiQIcBAEBAgAGBQJSC2q3AAoJEK4v8hQO
egCHpJoQAKLyqNRvosqXiiiV4HvxeiiaYlzfkv6CejfynBD5vO4RR+nzim002T7I
ezCmPObO+6PtA0go3qkYn94YIKxqn1RK+ctMmWAF5utAQ0V6bEGMseIwvdzuWt4x
aoaHxdDng1ZaQJO9xS6U/SCm34vg0dQlCW+4sSiMg/GsQ2+wv71wThh81T37DuBX
bDGz53ZMA/wz/W52YJkSaEn+k+R/Js1FSFpNuCvn2NT2wZiWr05H2KKMCUgHitbi
cWA8uFD4Z4EshWJHHlRX3hdB8HygQ8N1rVb83GZjZxMGEUEfVC88ZUSt6al3ACfN
Ix9uM3xbKJ7thrl0NwrvQG/Z+ecmUyjENBeXQBwne86TzVx3E9mgoDdER7pf+zpe
rqXvMSfa+ONSghHkm9u5UCli5/kduG/0gW3eeuqCtXq08c0zJe0NzGsWUSYVNZmI
oeq1erVNpo7zzo7XHGPA8Yq3nfgFPV6A/3ivfmema/J17ngWMtym5CGy8EpJelRv
J4QNRBUGVRKBgrlX+3AvDXvtQznE/NZqE1ugbzGrdimZsxR5d5FcBJU+1+jgZ/OJ
ur//OBHPfDvF15RtiYOCi66IPC5AUrOK0gcw+x/9VHkd6olU7dJDXxx5N58/VNnm
weB+JNY3doQuch4lQVqQ5r484KzfoUS2r7ZC/o/xo2aA6kvanwpZ
=OoMf
-----END PGP SIGNATURE-----
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osmocom.org/pipermail/op25-dev/attachments/20130814/27fa87f3/attachment.html>


More information about the op25-dev mailing list