GPG key transition

Nicolas Valcárcel nicolas.valcarcel at canonical.com
Tue May 26 15:32:40 BST 2009


For a number of reasons, i've recently set up a new OpenPGP key, and
will be transitioning away from my old one.

The old key will continue to be valid for some time, but i prefer all
future correspondence to come to the new one.  I would also like this
new key to be re-integrated into the web of trust.  This message is
signed by both keys to certify the transition.

the old key was:

pub   1024D/654597FE 2008-02-25
      Key fingerprint = BCE4 27A0 D03E 55DE DA2D  BE06 891D 8DEE 6545
97FE

And the new key is:

pub   2048R/EF584970 2009-05-26
      Key fingerprint = 5C4D 0C85 D9C0 98FE 11F9  DD12 524E C3CD EF58
4970

To fetch my new key from a public key server, you can simply do:

  gpg --keyserver pgp.mit.edu --recv-key EF584970

If you already know my old key, you can now verify that the new key is
signed by the old one:

  gpg --check-sigs EF584970

If you don't already know my old key, or you just want to be double
extra paranoid, you can check the fingerprint against the one above:

  gpg --fingerprint EF584970

If you are satisfied that you've got the right key, and the UIDs match
what you expect, I'd appreciate it if you would sign my key:

  gpg --sign-key EF584970

Lastly, if you could upload these signatures, i would appreciate it.
You can either send me an e-mail with the new signatures (if you have
a functional MTA on your system):

  gpg --armor --export EF584970 | mail -s 'New OpenPGP key signature'
nvalcarcel at ubuntu.com

Or you can just upload the signatures to a public keyserver directly:

  gpg --keyserver pgp.mit.edu --send-key EF584970

Please let me know if there is any trouble, and sorry for the
inconvenience.

-- 
Nicolas Valcárcel
Security Engineer
Custom Engineering Solutions Group
Canonical OEM Services
Mobile: +511 994 293 200
Key fingerprint = 5C4D 0C85 D9C0 98FE 11F9  DD12 524E C3CD EF58 4970
gpg --keyserver keyserver.ubuntu.com --recv-keys 654597FE
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 489 bytes
Desc: This is a digitally signed message part
Url : https://lists.ubuntu.com/archives/ubuntu-devel/attachments/20090526/0c4de80b/attachment.pgp 


More information about the ubuntu-devel mailing list