Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Hello,
- Fri Oct 24 12:08:28 EDT 2014
- For a number of reasons, I've recently set up a new OpenPGP key,
- and will be transitioning away from my old one.
- The old key will continue to be valid for some time, but I prefer all
- future correspondence to come to the new one. I would also like this
- new key to be re-integrated into the web of trust. This message is
- signed by both keys to certify the transition.
- The old key was:
- pub 4096R/2E177CFD 2013-10-23 [revoked: 2014-10-23]
- Key fingerprint = A96A 9E4D BE08 B18B 55F6 751A 0579 F578 2E17 7CFD
- And the new key is:
- pub 4096R/4372F24A 2014-10-23 [expires: 2017-10-22]
- Key fingerprint = C765 FAD7 824B C74A 515F 938B EC24 32D1 4372 F24A
- `
- To fetch the full key from a public key server, you can simply do:
- gpg --keyserver pgp.mit.edu --recv-key 4372F24A
- If you already know my old key, you can now verify that the new key is
- signed by the old one:
- pub 4096R/4372F24A 2014-10-23 [expires: 2017-10-22]
- uid [ultimate] Neal Trischitta <ntrischi@stevens.edu>
- sig!3 4372F24A 2014-10-23 Neal Trischitta <ntrischi@stevens.edu>
- sub 4096R/BDA40E6E 2014-10-23 [expires: 2017-10-22]
- sig! 4372F24A 2014-10-23 Neal Trischitta <ntrischi@stevens.edu>
- If you don't already know my old key, or you just want to be double
- extra paranoid, you can check the fingerprint against the one above:
- pub 4096R/4372F24A 2014-10-23 [expires: 2017-10-22]
- Key fingerprint = C765 FAD7 824B C74A 515F 938B EC24 32D1 4372 F24A
- uid [ultimate] Neal Trischitta <ntrischi@stevens.edu>
- sub 4096R/BDA40E6E 2014-10-23 [expires: 2017-10-22]
- If you are satisfied that you've got the right key, and the UIDs match
- what you expect, I'd appreciate it if you would sign my key. You can
- do that by issuing the following command:
- **
- NOTE: If you have previously signed my key but did a local-only
- signature (lsign), you will not want to issue the following, instead
- you will want to use --lsign-key, and not send the signatures to the
- keyserver.
- **
- gpg --sign-key 4372F24A
- I'd like to receive your signatures on my key. You can either send me
- an e-mail with the new signatures (if you have a functional MTA on
- your system):
- gpg --export 4372F24A | gpg --encrypt -r 4372F24 --armor | mail -s 'OpenPGP
- Signatures' ntrischi@stevens.edu
- I also highly recommend checking out the excellent Riseup GPG best
- practices doc, from which I stole most of the text for this transition
- message ;-)
- https://we.riseup.net/debian/openpgp-best-practices
- Please let me know if you have any questions, or problems, and sorry
- for the inconvenience.
- --
- v/r,
- Neal Trischitta
- Stevens Institute of Technology
- Class of 2015
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement