Grandma's Fridge

A TitanOfOld dev blog

Key Transition


I'm moving!

Okay, not my living location, but my PGP key. Here's the good stuff: 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

I am transitioning PGP keys from an old 2048-bit DSA key to a new ed25519
key. The old key will continue to be valid until December 10, 2018 when it
expires, but I prefer all new correspondance to be encrypted in the new
key and will be making all signatures going forward with the new key.

This transition document is signed with both keys to validate the
transition.

If you have signed my old key, I would appreciate signatures on my new
key as well, provided that your signing policy permits that without
reauthenticating me.

The old key, which I am transitioning away from, is:

  pub   dsa2048/0x5713AA03D1BBFDA0 2011-09-22 [SC] [expires: 2018-12-10]
      Key fingerprint = 2C00 7719 4F85 FB07 A49C  0E31 5713 AA03 D1BB FDA0

The new key, to which I am transitioning, is:

  pub   ed25519/0x2153C852F779174F 2018-07-10 [SC] [expires: 2020-07-09]
      Key fingerprint = 9B32 F2A4 8C1F F4E0 1E23  CEEA 2153 C852 F779 174F

To fetch the full new key from a public key server using GnuPG, run:

  gpg --recv-key 0x2153C852F779174F

If you have already validated my old key, you can then validate that
the new key is signed by my old key:

  gpg --check-sigs 0x2153C852F779174F

If you then want to sign my new key, a simple and safe way to do that is
by using caff (shipped in Gentoo as part of app-crypt/signing-party) as
follows:

  caff 2153C852F779174F

Please contact me via email at any of the UIDs listed on the old key or
the new key, if you have any questions about this document or this
transition.
-----BEGIN PGP SIGNATURE-----

iNUEAREKAH0WIQRPTtQ2xj0Ap7RjpAAol2NzYdYtXQUCW2wSIV8UgAAAAAAuAChp
c3N1ZXItZnByQG5vdGF0aW9ucy5vcGVucGdwLmZpZnRoaG9yc2VtYW4ubmV0NEY0
RUQ0MzZDNjNEMDBBN0I0NjNBNDAwMjg5NzYzNzM2MUQ2MkQ1RAAKCRAol2NzYdYt
XXz/AP4pbIbxTQml4Af5igO7sTRJAfWBml+UVQFiiyPMcHQfbgD/dY7nY3DSCdCn
tkMeMQwB/vKWKbmxbEKYEqDBzWS0qAiI1QQBFgoAfRYhBAQLo635AoVFYhd85P+X
XA0olKXRBQJbbBIiXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9wZW5w
Z3AuZmlmdGhob3JzZW1hbi5uZXQwNDBCQTNBREY5MDI4NTQ1NjIxNzdDRTRGRjk3
NUMwRDI4OTRBNUQxAAoJEP+XXA0olKXRolMBAI8uc+KRxmAn/zvhPnjqDurQmIgW
2BKJMwbHm7Aoq3CPAQDpTkl0ax87kiKLs3pdwHCs4DXwz70FUHtUQDRwhVHwAw==
=9+yW
-----END PGP SIGNATURE-----

I've already uploaded it to the key servers, so you should be able to grab it from any server you prefer. Or, grab it from this server.

You can also get the signed statement as a plain text file.