-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1,SHA256 [ Deutsche Version unter https://www.sebastian-kuhnert.de/keytransition.de.txt ] Date: 12th June 2014 For a number of reasons[1], I've recently set up a new OpenPGP key, and will be transitioning away from my old ones. The old keys will continue to be valid for some time, but I prefer all future correspondence to come to the new one. I would also like this new key to be re-integrated into the web of trust. This message is signed by both the old keys and the new one to certify the transition. The old keys were: pub 1024D/A39F36F8 2002-03-14 Key fingerprint = 96D1 6FB7 68E5 5D25 3AB3 15DE 6A6E 91F6 A39F 36F8 uid Sebastian Kuhnert pub 4096R/F82B6106 2009-05-06 Key fingerprint = FEC5 F4C2 66B5 B28F 9E66 3336 0AD5 6074 F82B 6106 uid Sebastian Kuhnert uid Sebastian Kuhnert And the new key is: pub 4096R/26AAAAAA 2013-11-27 Key fingerprint = 8EAB A6B7 B3DF 237E 1D9F AF11 D116 F013 26AA AAAA uid Sebastian Kuhnert uid Sebastian Kuhnert To fetch the full key from a public key server, you can simply do: gpg --recv-keys --keyserver pool.sks-keyservers.net 8EABA6B7B3DF237E1D9FAF11D116F01326AAAAAA If you already know one of my old keys, you can now verify that the new key is signed by the old ones: gpg --check-sigs 8EABA6B7B3DF237E1D9FAF11D116F01326AAAAAA If you are satisfied that you've got the right key, and the UIDs match what you expect, I'd appreciate it if you would sign my key. You can do that by issuing the following command: ** NOTE: if you have previously signed my key but did a local-only signature (lsign), you will not want to issue the following, instead you will want to use - - - --lsign-key, and not send the signatures to the keyserver ** gpg --sign-key 8EABA6B7B3DF237E1D9FAF11D116F01326AAAAAA I'd like to receive your signatures on my key. You can either send me an e-mail with the new signatures (if you have a functional MTA on your system): gpg --export 8EABA6B7B3DF237E1D9FAF11D116F01326AAAAAA | gpg --encrypt -r 8EABA6B7B3DF237E1D9FAF11D116F01326AAAAAA --armor | mail -s 'OpenPGP Signatures' mail@sebastian-kuhnert.de Or you can upload it to the key servers: gpg --send-keys --keyserver pool.sks-keyservers.net 8EABA6B7B3DF237E1D9FAF11D116F01326AAAAAA I also highly recommend checking out the excellent Riseup GPG best practices doc, from which I stole most of the text for this transition message ;-) https://we.riseup.net/debian/openpgp-best-practices Please let me know if you have any questions, or problems, and sorry for the inconvenience. Sebastian Kuhnert [1] The 1024 bit DSA key A39F36F8 with SHA1 based signatures is not up to today's security standards. And the F82B6106 key does not separate the certification and signing keys. For further background, see also https://www.debian-administration.org/users/dkg/weblog/48 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEARECAAYFAlOaCqYACgkQam6R9qOfNvgavACfRI5ZoFbFK/D0JhHEsY1TPj1Q oOQAmwUWf4anOEh3TlTekWTQn3huBjL2iQIcBAEBCAAGBQJTmgqmAAoJEArVYHT4 K2EGi4IP+wQLIiwV+cnfAj2B4KRCWv8+QC/A4pBx28exxPMqollkjqNUakGwFWqO iHZ1UAFGpVZ6PCgzVzvNbTaoWAqDAuAVxmgnDEYEIL0Cj0oJkgJrKTkPJRk7+5MX Yn5c9FMY1pU6Vju+sVxEm3HHpFtuirNr22kk4S/Z33v2Wt72O8ppVgNhoTgTPGhU qv+TuWXUiZtFX6a1eooJp8TUNHcWV4w9WsePMTcdny7TI32Zt2UiysJldH1T2mcp SdC0mwqGXgoNirm4FHIWNG3bbjwsA2Xnc/YPhdys4rZze8Q3OGv3HVCXRPVOVmBe eNmhYkSjEGrwr3L/FOjgx60c+amU4Ex8TMkOVH5nwNL50EptEBZ+v5eOZ3VMKWh+ vpggGL1NiaL1oCUdSqP2V6k5LHBT8Yj7L82ECusCdvko4jIoa6104bfqC0dAukVX gJbKzhJLGOkhx24SFrdYg4vqTc927eZZL5B9CZUcNI6SUpTRdlOjfkjjO/ACkPt7 usB4bnKea8C191WtqLiCDRZhIHj5zH7alFQ9tBN6GBGaYNRShdZ3wtPtZn/Hmz6V K44rGFiYShjLceh3SzdZ0qA3uIinKLLSY0r0aJSNdrw6H/hrv0z/K8keb4U5TVLH AfOIsK6XEx6tJE2floQuNwbVx/xUB3YCv/7xfd/3/7qChZBuq9zDiQIcBAEBCAAG BQJTmgqmAAoJEDwII0WWzkFji4IP/j8JjGL6F61AzZuCPXRWC+y55Zmy5XjyyH9c JbOfrm9e5nTbrj9yC0Wusb3aL95ymrDEJ/tUEOyVpWD7CW1asb1hEa9Kx942euz4 Zd1+SaZsvqtPPWneryAEmObpxRVAKzSESjH7zP4qJ3/Ha98h74StsuLCNiY+3H5J RHW8HLq2fwP1Sn9lz/4ivHs+R5Yc0LwQmVu/2KDFRcpJbQ98MYi7d6Q+RQd7s170 uYHilfx4fUy0lghyklmWipu0c5qa6bNCpG0ek2lp7BiFd/vWtfLKSIYcdrmV4aBf nt19haDfIWZHcNXqIyodvmyMchMNiPJH7gd6qHS/ePVw0sulRfANng+UtSL9cDkF 7hwsqP0I1rQhYWDcnz+NKzyH715eqSb8+Fu1LgR3/XHTb+8FVkokAEIygWVmVDc2 bzwho36vvp9V3qoHpw4EO88A+WfdLkLVFDrkcsCkfBrVnhitnI9BjmsVfaPexsCV RoReMH3Tz91cARFY1etxFusBIwQpipNOsy+Lutup2X1ooAdGS0Jz/3FJvNqw/tGs jFfzC+1AvxjhqtnHh1e7AFDKMMftvR4XyfAgNLmHp0xJMgrEju2qHpPKIP3W4Bhm SvlMiIuig9pqEZii1C/QBw+JStR73UKfEqQPXLDlUvDT98u/KSHPVUdrKjxXmLKj /y8g04IE =Cnox -----END PGP SIGNATURE-----