I am transitioning GnuPG keys from an old 1024-bit key to a new 4096-bit key, because 1024 bit are uncomfortably close to what can be cracked. The old key will continue to be valid for some time, but I prefer all new correspondence to be encrypted in the new key, and will be making all signatures going forward with the new key.
If you have signed my old key, I would appreciate signatures on my new key as well, provided that your signing policy permits that without re-authenticating me.
The old key, which I am transitional away from, is:
pub 1024D/0x5647280A274D4F97 2007-11-27 [expires: 2014-09-30] Key fingerprint = 14DE 735E 198A 7419 FE51 D833 5647 280A 274D 4F97
The new key, to which I am transitioning, is:
pub 4096R/0x74DCA8A36C52F833 2014-03-30 Key fingerprint = 7251 9DA2 D8BD 6F38 D4A1 199E 74DC A8A3 6C52 F833
To fetch the full new key, download it here or fetch it from a public key server using GnuPG by running:
gpg --keyserver pool.sks-keyservers.net --recv-key 0x74DCA8A36C52F833
If you have already validated my old key, you can then validate that the new key is signed by my old key:
gpg --check-sigs 0x74DCA8A36C52F833
This transition document is signed with both keys to validate the transition. If you want to verify the authenticity of the transition document yourself, run the following command on the file:
gpg --verify transition-2014-03.txt
If you then want to sign my new key, a simple and safe way to do that is by using caff (shipped in Debian as part of the “signing-party” package) as follows:
Please contact me via e-mail if you have any questions about this transition. If you want to transition to a new key as well, you might find this guide helpful.