Transition to a stronger GnuPG key

I am transitioning my GnuPG key1 from an old 1024-bit key to a stronger 4096-bit key. The old key will continue to be valid for some time, but I prefer all new correspondance to be encrypted in the new key, and will be making all signatures going forward with the new key.

The old key, which I am transitioning away from, is:

sec   1024D/FE96C404 2002-02-04
  Key fingerprint = 6B05 41F0 94FF 2163 6FBA
                    2433 3307 469B FE96 C404

The new key, to which I am transitioning, is:

sec   4096R/2403C3EB 2016-01-04
  Key fingerprint = F34D 6A12 35D0 4903 CD22
                    D5C0 13EF 8D45 2403 C3EB

The transition document below is signed with both keys to validate the transition.

If you have signed my old key, I would appreciate signatures on my new key as well, provided that your signing policy permits that without reauthenticating me.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

I am transitioning my GPG key from an old 1024-bit key to a stronger
4096-bit key.  The old key will continue to be valid for some
time, but I prefer all new correspondance to be encrypted in the new
key, and will be making all signatures going forward with the new key.

The transition document below is signed with both keys to validate the
transition.

If you have signed my old key, I would appreciate signatures on my new
key as well, provided that your signing policy permits that without
reauthenticating me.

The old key, which I am transitional away from, is:

  sec   1024D/FE96C404 2002-02-04
      Key fingerprint = 6B05 41F0 94FF 2163 6FBA  2433 3307 469B FE96 C404


The new key, to which I am transitioning, is:

  sec   4096R/2403C3EB 2016-01-04
      Key fingerprint = F34D 6A12 35D0 4903 CD22  D5C0 13EF 8D45 2403 C3EB


To fetch the full new key from a public key server using GnuPG, run:

  gpg --keyserver pgp.mit.edu --recv-key 13EF8D452403C3EB

If you have already validated my old key, you can then validate that
the new key is signed by my old key:

  gpg --check-sigs 13EF8D452403C3EB

If you don't already know my old key, or you just want to be extra
careful, you can check the fingerprint against the one above:

  gpg --fingerprint 13EF8D452403C3EB

If you then want to sign my new key, a simple and safe way to do that
is by using caff (shipped in Debian as part of the "signing-party"
package) as follows:

  caff 13EF8D452403C3EB

Or you can sign and upload the signatures to a keyserver manually:

  gpg --sign-key 13EF8D452403C3EB
  gpg --keyserver pgp.mit.edu --send-key D21739E9

Please contact me via e-mail at <arne_bab@web.de> if you have any
questions about this document or this transition.

  Arne Babenhauserheide
  arne_bab@web.de
  2016-03-30
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJW/GBjAAoJEBPvjUUkA8ProyYP/3L/etXqGWJ9VQ7aJv5wG14W
A/efIomSn6vYQnjlMBODig2lWXqr0n42MX50J18WRphDO7vuF0kJgUUMYaN/G7nZ
Wi9LZ8pauTNioH5HUsDeyxZvgYHT1R2B6aVHOQ9+7nDn9mtGL5eU8Ron+oUN5Yb2
lxzOAFyKi/GET6elBTGaB75v+TaDkk3DHFPetmBwH+5UlfKPGKTUeAzx1SZYVBi4
EJnB/oWiArPxSei7UMhz0AOg0fQVmgSM2Hj5xGOldSw6OQRFLyAVOXi5MN8xXQwG
KUKffRgarxQFOuQ+QWyR6oysAz/NoHZqskEWyKeHWKHV8gjxw5iQd3Fk3DWUZXi2
ijwEBZ0II7P0j2In/RQOXxaR3o2q5Al18+jrl17siYV5KQb+FWRXW/HuKLwRAwNs
8cpaCZysRSEeyEPGaVg+ft98wFtJFQKogv0KraUWfEPYEarCYdOwDH/hZuLPEleC
1HrWpNr+UGX9g9BBV1SZtPvZnKaDqVpV/Ge3X4DN2pLbdOsALImivq4nuKGHt6Dy
hwV5RMtLogS55DVKUOW5p231tQD7E4oe84yrFTPpXzoIIqCMEcW4MSg8FMcuL+21
xUuxWkl7enndDt6vgPXQ79nJJZcChojJlVM1EVCEYafJr5mCPnZS6K3Zw/V5YEKm
iTNnYqEeX2SHVTLbXjnCiJwEAQEIAAYFAlb8YGMACgkQ3M8NswvBBUijJgP/R6FH
eq91ivkCbQFu9opPAUctJCKNmu+jD4JWSZOfJngy2cxnsuQxVtVmZl585tZC7Ed7
D+9P9BWVO8eEIwFgXVsdKgOCEvgCCN3PETLF1JtFwBe/7oMOcZdX/MUtpGRcoYYD
xIijlbbWPa8P5lu7zrBAOT9OsRadWM7jLvZnGR0=
=B8Tk
-----END PGP SIGNATURE-----

(this text was partially copied from Vincent Bernat who stole it from Zack after following the tutorial from Daniel Kahn Gillmor)

Inhalt abgleichen
Willkommen im Weltenwald!



Beliebte Inhalte

sn.1w6.org news