So, since several years I've had a second gpg key, 4096R/6AABE354. Several of you have already signed it, and I've been using it in Debian for some time already, but I've not announced it more widely yet, and I occasionally still get mail encrypted to the old key (which remains valid and usable, but it's 1024R).

Of course, I've also made a formal transition statement:

Hash: SHA1

OpenPGP Key Transition Statement for Simon Richter

I have created a new OpenPGP key and will be transitioning away from
my old key.  The old key has not been compromised and will continue to
be valid for some time, but I prefer all future correspondence to be
encrypted to the new key, and will be making signatures with the new
key going forward.

I would like this new key to be re-integrated into the web of trust.
This message is signed by both keys to certify the transition.  My new
and old keys are signed by each other.  If you have signed my old key,
I would appreciate signatures on my new key as well, provided that
your signing policy permits that without re-authenticating me.

The old key, which I am transitioning away from, is:

pub   1024D/5706A4B4 2002-02-26
      Key fingerprint = 040E B5F7 84F1 4FBC CEAD  ADC6 18A0 CC8D 5706 A4B4

The new key, to which I am transitioning, is:

pub   4096R/6AABE354 2009-11-19
      Key fingerprint = 9C43 2534 95E4 DCA8 3794  5F5B EBF6 7A84 6AAB E354

The entire key may be downloaded from:

To fetch the full new key from a public key server using GnuPG, run:

  gpg --keyserver --recv-key 6AABE354

If you already know my old key, you can now verify that the new key is
signed by the old one:

  gpg --check-sigs 6AABE354

If you are satisfied that you've got the right key, and the User IDs
match what you expect, I would appreciate it if you would sign my key:

  gpg --sign-key 6AABE354

You can upload your signatures to a public keyserver directly:

  gpg --keyserver --send-key 6AABE354

Or email (possibly encrypted) the output from:

  gpg --armor --export 6AABE354

If you'd like any further verification or have any questions about the
transition please contact me directly.

To verify the integrity of this statement:

  wget -q -O- | gpg --verify

Version: GnuPG v1