The public key I’ve had for the last three years or so was a 1024-bit DSA key with a SHA1 signature. With the discussion of the upcoming keysigning at FOSDEM, I decided it was about time for a new more secure key. Thus, I will be transitioning away from my old key to the following new key:

pub   4096R/F5862A37 2011-02-02 [expires: 2012-02-02]
      Key fingerprint = EA30 D855 D50F 90CD F54D  0698 0713 C3ED F586 2A37

The old key will continue to be valid for some time, but i prefer all future correspondence to come to the new one. I would also like this new key to be re-integrated into the web of trust. The old key is signed with the new one and vice versa.

The old key was:

pub   1024D/94EFD9D8 2008-02-19
      Key fingerprint = F8EF F1EA 401E 2E60 15FA  7927 142C 2591 94EF D9D8

The new public key is now available on my website. Also, to fetch the full new key from a public key server, you can simply do:

gpg --recv-key F5862A37

If you already know my old key, you can now verify that the new key is signed by the old one:

gpg --check-sigs F5862A37

If you don’t already know my old key, or you just want to be double extra paranoid, you can check the fingerprint against the one above:

gpg --fingerprint F5862A37

If you are satisfied that you’ve got the right key, and the UIDs match what you expect, I’d appreciate it if you would sign my key.

gpg –sign-key F5862A37

Please let me know if you have any questions, or problems, and sorry for the inconvenience.