So, since several years I've had a second gpg key, 4096R/6AABE354. Several of you have already signed it, and I've been using it in Debian for some time already, but I've not announced it more widely yet, and I occasionally still get mail encrypted to the old key (which remains valid and usable, but it's 1024R).
Of course, I've also made a formal transition statement:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 OpenPGP Key Transition Statement for Simon Richter I have created a new OpenPGP key and will be transitioning away from my old key. The old key has not been compromised and will continue to be valid for some time, but I prefer all future correspondence to be encrypted to the new key, and will be making signatures with the new key going forward. I would like this new key to be re-integrated into the web of trust. This message is signed by both keys to certify the transition. My new and old keys are signed by each other. If you have signed my old key, I would appreciate signatures on my new key as well, provided that your signing policy permits that without re-authenticating me. The old key, which I am transitioning away from, is: pub 1024D/5706A4B4 2002-02-26 Key fingerprint = 040E B5F7 84F1 4FBC CEAD ADC6 18A0 CC8D 5706 A4B4 The new key, to which I am transitioning, is: pub 4096R/6AABE354 2009-11-19 Key fingerprint = 9C43 2534 95E4 DCA8 3794 5F5B EBF6 7A84 6AAB E354 The entire key may be downloaded from: http://www.simonrichter.eu/simon.asc To fetch the full new key from a public key server using GnuPG, run: gpg --keyserver keys.gnupg.net --recv-key 6AABE354 If you already know my old key, you can now verify that the new key is signed by the old one: gpg --check-sigs 6AABE354 If you are satisfied that you've got the right key, and the User IDs match what you expect, I would appreciate it if you would sign my key: gpg --sign-key 6AABE354 You can upload your signatures to a public keyserver directly: gpg --keyserver keys.gnupg.net --send-key 6AABE354 Or email firstname.lastname@example.org (possibly encrypted) the output from: gpg --armor --export 6AABE354 If you'd like any further verification or have any questions about the transition please contact me directly. To verify the integrity of this statement: wget -q -O- http://www.simonrichter.eu/key-transition-2015-03-09.txt | gpg --verify Simon -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBAgAGBQJU/bbEAAoJEH69OHuwmQgRWOIH/AogHxhhVO5Tp5FFGpBFwljf NzKTPBExMhZ/8trAzYybOWFv3Bx4AGdWkYfDnxP6oxQJOXVq4KL6ZcPPuIZuZ6fZ bu0XHdPMU89u0TymR/WJENRCOcydRBe/lZs+zdJbKQtEZ+on4uNXxHpUiZPi1xxM ggSdVBKn2PlCBcYih40S9Oo/rM9uBmYcFavX7JMouBSzgX78cVoIcY6zPRmHoq4k TkGKfvHeSu+wbzWRmDwu/PFHRA4TKNvR6oeO+Et1yk454zjrHMXineBILRvvMCIA t54pV6n+XzOUmtXcKnkIGltK+ZaJSV6am0swtx84RaevVXrknIQE8NvlA4MNgguI nAQBAQIABgUCVP23tAAKCRDSx966V9+/u3j4BACVHifAcO86jAc5dn+4OkFZFhV1 l3MKIolL+E7Q7Ox+vJunGJJuGnOnazUK+64yDGZ2JxNJ4QNWD1FOs/Ng2gm82Vin ArBtyp1ZGWUa+349X+1qarUQF9qAaUXDZjFp5Hzh/o6KC4t3eECxcb41og3LUTQD VuG2KWNXYBe5P5ak9Q== =o61r -----END PGP SIGNATURE-----