-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1,SHA256 Tue, 27 Oct 2009 12:08:36 +0100 I've recently set up a new RSA-based GPG key, and will be transitioning away from my old DSA-based one. The old key will be revoked soon, so I prefer all future correspondence to use the new one. I would also like to ensure that this new key is well-integrated into the web of trust. This message is signed by both keys to certify the transition. The old DSA key was: pub 1024D/AC5F700C 2004-12-24 Key fingerprint = 671B 2A4A F9C6 97CE 1F7D 8861 984B D380 AC5F 700C The new RSA key is: pub 4096R/0905E40C 2009-05-11 Key fingerprint = 7B27 A3F1 A6E1 8CD9 588B 4AE8 3101 8005 0905 E40C If you already know my old key, you can verify that the new key is signed by the old one: gpg --check-sigs 0905E40C If you don't already know my old key, or if you're extra-paranoid, you can check the fingerprint against the one given above: gpg --fingerprint 0905E40C If you have previously signed my old DSA key, and if you're satisfied that you've got the correct new RSA key, then I'd appreciate it if you would sign my new key as well: caff 0905E40C The caff program is in the signing-party package in Debian. Please be careful to generate signatures that don't rely on the weakening SHA-1 hash algorithm, which requires some careful configuration even if you've already configured gpg correctly. See http://www.gag.com/bdale/blog/posts/Strong_Keys.html for the gory details. Thanks, Julien Cristau -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAkrwH8wACgkQmEvTgKxfcAw4JwCeMtuSBjgDPQk4GE85gjNbIt+d kG4AoKjOLd+oZrG6slF6UheXnij6kEnYiQIcBAEBCAAGBQJK8B/MAAoJEDEBgAUJ BeQMDiEQAOVSWXMpW0HzqMMIA6kC8EPZhqFQoX5x17ZpDl1gpvrqvLmdeW4chiRB FZ2mqMuxZrOBOeYf8MkA7wEvvicEaFQVraZZj8YcmJI+HoAIpGVgpWzatq9Y+J3o HXizhs2/UGOLLBNIAJezC7QJFV2nlp2/0Zgi+h7HGiQMAwVatiqu+KjOHOhFVOLw VGSA8MKHJwmE7guPkClEwMWJO2eAoqGUnMgf7aD3TCmKXXz+DlKygDAS/dBSQMKI drYPusrI8ixaYYIvbnCrUvL7q0+MweW4O0rjZRFYBxhpsAmNRTGsb9VOFyxzpPHr KY9ryC487+avYNcGPL7nav2zDB9cGb/D0+RssgERhrzd3KeFsj0yIB/fJBgtbpiC Zox61azfPpa/jklni0rzNGd5xlu0KbuIya+OYgyp7G1p6OSMSO28p+Oei9b1XVDM qzDb4lLL1xJoukbqSAP129mDWT53CFWVCR9i58ztfIcFHYgc7em+iDuHUsMKIphQ 44/IZgf1uuzLSNX2NSGuobyN6Y7meefO0iY07oYwJ242h3FCZk4U42yNtE9d6XSI OW3dPNhQK8+Y1Z0GOffm1MZ89Jpcgw+h4d4rvTZerWoyyO+DWxxnYgi/cWES++40 lxUeLoijLaO+qehN76jkukU8LvrxgCSroi5q9FeJzPrEb/qknt73 =R444 -----END PGP SIGNATURE-----