Wed 2 Feb 2011
The public key I’ve had for the last three years or so was a 1024-bit DSA key with a SHA1 signature. With the discussion of the upcoming keysigning at FOSDEM, I decided it was about time for a new more secure key. Thus, I will be transitioning away from my old key to the following new key:
pub 4096R/F5862A37 2011-02-02 [expires: 2012-02-02] Key fingerprint = EA30 D855 D50F 90CD F54D 0698 0713 C3ED F586 2A37
The old key will continue to be valid for some time, but i prefer all future correspondence to come to the new one. I would also like this new key to be re-integrated into the web of trust. The old key is signed with the new one and vice versa.
The old key was:
pub 1024D/94EFD9D8 2008-02-19 Key fingerprint = F8EF F1EA 401E 2E60 15FA 7927 142C 2591 94EF D9D8
The new public key is now available on my website. Also, to fetch the full new key from a public key server, you can simply do:
gpg --recv-key F5862A37
If you already know my old key, you can now verify that the new key is signed by the old one:
gpg --check-sigs F5862A37
If you don’t already know my old key, or you just want to be double extra paranoid, you can check the fingerprint against the one above:
gpg --fingerprint F5862A37
If you are satisfied that you’ve got the right key, and the UIDs match what you expect, I’d appreciate it if you would sign my key. gpg –sign-key F5862A37
Please let me know if you have any questions, or problems, and sorry for the inconvenience.