New email and PGP key
19 February 2022 - Namkhai B.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Date: 20-02-2022 For a number of reasons, I have recently set up a new email, together with a new OpenPGP key, and will be transitioning away from my old one. The old key will continue to be valid for some time, but I prefer all future correspondence to come to the new one. I would also like this new key to be re-integrated into the web of trust. This message is signed by both keys to certify the transition. The old key was: pub rsa4096/0A30AAE5BF54CEFE 2021-06-15 [SC] [expires: 2022-06-15] Key fingerprint = F7F7 4C22 E12E 765A CFFB 951B 0A30 AAE5 BF54 CEFE uid [ultimate] Namkhai B. (Namkhai's code signing key) <firstname.lastname@example.org> sub rsa4096/DAFE87AD70D12821 2021-06-15 [E] [expires: 2022-06-15] sub rsa4096/9DC021F538318528 2021-06-15 [S] [expires: 2022-06-15] And the new key is: pub ed25519/C7C77DBFBE772EDC 2022-02-20 [SC] [expires: 2024-02-20] Key fingerprint = 948C A569 9CF0 83B3 D23C 09D4 C7C7 7DBF BE77 2EDC uid [ultimate] Namkhai B. <email@example.com> sub cv25519/03C138269F38E49F 2022-02-20 [E] [expires: 2024-02-20] sub ed25519/87920A3B2A811186 2022-02-20 [S] [expires: 2024-02-20] To fetch the full key from a public key server, you can simply do: gpg --keyserver hkps://keys.openpgp.org --recv-key '948C A569 9CF0 83B3 D23C 09D4 C7C7 7DBF BE77 2EDC' If you already know my old key, you can now verify that the new key is signed by the old one: gpg --check-sigs '948C A569 9CF0 83B3 D23C 09D4 C7C7 7DBF BE77 2EDC' If you don't already know my old key, or you just want to be double extra paranoid, you can check the fingerprint against the one above: gpg --fingerprint '948C A569 9CF0 83B3 D23C 09D4 C7C7 7DBF BE77 2EDC' If you are satisfied that you've got the right key, and the UIDs match what you expect, I'd appreciate it if you would sign my key. You can do that by issuing the following command: ** NOTE: if you have previously signed my key but did a local-only signature (lsign), you will not want to issue the following, instead you will want to use --lsign-key, and not send the signatures to the keyserver ** gpg --sign-key '948C A569 9CF0 83B3 D23C 09D4 C7C7 7DBF BE77 2EDC' I'd like to receive your signatures on my key. You can either send me an e-mail with the new signatures (if you have a functional MTA on your system): gpg --export '948C A569 9CF0 83B3 D23C 09D4 C7C7 7DBF BE77 2EDC' | \ gpg --encrypt -r '948C A569 9CF0 83B3 D23C 09D4 C7C7 7DBF BE77 2EDC' --armor | mail -s 'OpenPGP Signatures' firstname.lastname@example.org Or you can just upload the signatures to a public keyserver directly: gpg --keyserver hkps://keys.openpgp.org --send-key '948C A569 9CF0 83B3 D23C 09D4 C7C7 7DBF BE77 2EDC' Please let me know if there is any trouble, and sorry for the inconvenience. -----BEGIN PGP SIGNATURE----- iQJOBAEBCAA4FiEEF+GiI6Py3+Tt65IjncAh9TgxhSgFAmISpnkaHG5hbWtoYWku bjNAcHJvdG9ubWFpbC5jb20ACgkQncAh9TgxhSjT5Q//TAh7DFAoCZezk33KbxAT 1lDwUgt4P065u1R6RxkGyM2tAGtokra+KNdwoUsvqr6F71WUZ4iHAO2EisYii1iD VCNE0j5mmTOei40iXq+PAUl78vpIRA3N+85Rd20eAPLOrSZuv7Rzy98tzHou5er/ TXbZYMuMhpiOtKkzMv3kSYkaa01mMo5UHN9Re8+M7d2cKGLu4vdFuWF3/8BlXxKo YdSkAFaNiMC4jYp3ciYC9E86CMSy2JZxBr0vbnci6s0fCLkhVJcLTI6IBjPDEOzD 6bEVLIogU2fudqdeLezDc5rsC2/sLA/QqXM6vpGcFhzvJQtFV0w5aCX8hLCcMKzh sp2dAsyXM7n1eY+YQkw90v5ECzJkWtWoM0JnsCI1dwbWt65eqvMWW6GOl+PqPaxA 9dhyaD73y4OO1Fkbovmevenq69SaxX1hfu3vcOruNSkjYUpXde3CkQ+zCnb0TSDe jpZrB742cWqPK0rD6K8HBQG+2SUrswiM6pvmIn1oKvU+fuaS3JG/+bHOhftrZv8Y MZZ25qFSa/RJWfPtaWc24VgqJUt5QTq3iInm1uKBxXw442kg2I48empfcl9fE9TD 0/WEroiXwzkbUuoMH6KQaf3zoyA7wJIJ1Gh1k6w2jbVw5tr0mHfrVT8QHlV2PAY1 uU+wjo+iQnk8KdsF8UpLMtk= =fDbC -----END PGP SIGNATURE-----