GPG Key Transition
My current PGP/GnuPG key is expiring, so I've rolled a new one. The ID of the new key
is 0x3C7775DD37811E62
(full fingerprint:
1ED5 E5A3 01C3 D109 9040 2289 3C77 75DD 3781 1E62
)
and it should be in your favorite keyservers,
cross-signed by my old key. You can also find it at https://files.roguelazer.com/roguelazer.gpg.
It has also been attached to my keybase.io account and my Github
profile. My previous key () has not been revoked
and has not been compromised, but you should still stop using it if possible. The new key is a 4096-bit RSA
key with SHA-2 digest signatures — I'm not quite bold enough to switch to ECC for a long-lived key yet.0xAEE8F2454A41B87D
My signed transition document is below, and can also be found at 2019-04-27-key-transition-statement.txt.asc if you prefer to download it directly.
Additionally, I have generated a separately-signed key with ID 0x233E5EAF0EC3ABA9
(full fingerprint:
14E8 9660 188D BC9B 2C17 67AA 233E 5EAF 0EC3 ABA9
). This key should not be used for communication,
but will only be used to sign VCS commits/tags/&c (in Git and perhaps in
Pijul1). It's going to be on my [managed] work computer2, so treat it with a grain
of salt.