betabug... Sascha Welter

home english | home deutsch | Site Map | Sascha | Kontakt | Pro | Weblog | Wiki

14 November 2013

New PGP Key

Please update

It's time to upgrade my PGP key. The old one was created more than 10 years ago and the key length isn't up to today's standards any more.

The new key ID is C4D2D0F8 / long ID CC57D031C4D2D0F8.

I have prepared one of those fancy "transition statements". You can find it here, signed by my old key and signed by my new key

Thursday, 2013-11-14

Since my old key was very old and had a smallish key size, I've
recently set up a new OpenPGP key, and will start using the new
one from now on.

The old key will continue to be valid for some time, but i prefer all
future correspondence to come to the new one.  I would also like this
new key to be re-integrated into the web of trust.  This message is
signed by both keys to certify the transition.

the old key was:

pub   1024D/E0EAFC8A 2002-01-24
      Key fingerprint = 067B 60E1 CB03 50CE D781  42E9 A583 AAF4 E0EA FC8A

And the new key is:

pub   4096R/C4D2D0F8 2013-10-05
      Key fingerprint = B0C9 F0D2 2432 1C05 4688  34EF CC57 D031 C4D2 D0F8

(Long key ID: CC57D031C4D2D0F8)

You can get the full key from this address:

  http://betabug.ch/sascha_welter_pub.txt

Or, to fetch my new key from a public key server, you can simply do:

  gpg --keyserver pgp.mit.edu --recv-key C4D2D0F8
  or
  gpg --keyserver keys.gnupg.net --recv-key C4D2D0F8

If you already know my old key, you can now verify that the new key is
signed by the old one:

  gpg --check-sigs C4D2D0F8

If you don't already know my old key, you can check the fingerprint
against the one above. If you want to be double extra paranoid, check
the fingerprint against the one you get from me personally in writing:

  gpg --fingerprint C4D2D0F8

If you are satisfied that you've got the right key, and the UIDs match
what you expect, I'd appreciate it if you would sign my key:

  gpg --sign-key C4D2D0F8

Lastly, if you could upload these signatures, i would appreciate it.
You can either send me an e-mail with the new signatures (if you have
a functional MTA on your system):

  gpg --armor --export D21739E9 | mail -s 'OpenPGP Signatures' sw@betabug.ch

Or you can just upload the signatures to a public keyserver directly:

  gpg --keyserver pgp.mit.edu --send-key C4D2D0F8
  or
  gpg --keyserver keys.gnupg.net --send-key C4D2D0F8

Please let me know if there is any trouble, and sorry for the
inconvenience.

Regards,
Sascha

In short: I'll start using the new key. Please get it from the key server or my server, then check the signature of my old key on it and the fingerprint with me. Then please sign the new key and upload to the keyserver or send to me.

Thanks, and be safe out there!


Posted by betabug at 12:50 | Comments (1) | Trackbacks (0)
ch athens
Life in Athens (Greece) for a foreigner from the other side of the mountains. And with an interest in digital life and the feeling of change in a big city. Multilingual English - German - Greek.
Main blog page
Recent Entries
Backyard Adventure (07/08 08:18)
Danakos Climbing Gym (06/26 18:40)
Getting into the Ruby Debugger (06/13 13:36)
The site is coming back (06/11 14:17)
Best of
Some of the most sought after posts, judging from access logs and search engine queries.

Apple & Macintosh:
Security & Privacy:
Misc technical:
Athens for tourists and visitors:
Life in general:
<< Saturday Ride Report: Dervenohoria | Main | Ein Weblog war mal sowas wie ein Tagebuch >>
Comments
Re: New PGP Key

There you go, signed and pushed to the pgp servers:

http://pgp.mit.edu:11371/pks/lookup?op=vindex&search=0xCC57D031C4D2D0F8

Posted by: Wu at November 26,2013 08:32
Trackbacks
You can trackback to: http://betabug.ch/blogs/ch-athens/1333/tbping
There are no trackbacks.
Leave a comment