GPG key transition
Nicolas Valcárcel
nicolas.valcarcel at canonical.com
Tue May 26 15:32:40 BST 2009
For a number of reasons, i've recently set up a new OpenPGP key, and
will be transitioning away from my old one.
The old key will continue to be valid for some time, but i prefer all
future correspondence to come to the new one. I would also like this
new key to be re-integrated into the web of trust. This message is
signed by both keys to certify the transition.
the old key was:
pub 1024D/654597FE 2008-02-25
Key fingerprint = BCE4 27A0 D03E 55DE DA2D BE06 891D 8DEE 6545
97FE
And the new key is:
pub 2048R/EF584970 2009-05-26
Key fingerprint = 5C4D 0C85 D9C0 98FE 11F9 DD12 524E C3CD EF58
4970
To fetch my new key from a public key server, you can simply do:
gpg --keyserver pgp.mit.edu --recv-key EF584970
If you already know my old key, you can now verify that the new key is
signed by the old one:
gpg --check-sigs EF584970
If you don't already know my old key, or you just want to be double
extra paranoid, you can check the fingerprint against the one above:
gpg --fingerprint EF584970
If you are satisfied that you've got the right key, and the UIDs match
what you expect, I'd appreciate it if you would sign my key:
gpg --sign-key EF584970
Lastly, if you could upload these signatures, i would appreciate it.
You can either send me an e-mail with the new signatures (if you have
a functional MTA on your system):
gpg --armor --export EF584970 | mail -s 'New OpenPGP key signature'
nvalcarcel at ubuntu.com
Or you can just upload the signatures to a public keyserver directly:
gpg --keyserver pgp.mit.edu --send-key EF584970
Please let me know if there is any trouble, and sorry for the
inconvenience.
--
Nicolas Valcárcel
Security Engineer
Custom Engineering Solutions Group
Canonical OEM Services
Mobile: +511 994 293 200
Key fingerprint = 5C4D 0C85 D9C0 98FE 11F9 DD12 524E C3CD EF58 4970
gpg --keyserver keyserver.ubuntu.com --recv-keys 654597FE
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 489 bytes
Desc: This is a digitally signed message part
Url : https://lists.ubuntu.com/archives/ubuntu-devel/attachments/20090526/0c4de80b/attachment.pgp
More information about the ubuntu-devel
mailing list