New GnuPG Key

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256

– —–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

Sun, 10 May 2009 15:15:15 -0500

Because of the recently announced attack [0] against the SHA-1 digest
algorithm, I finally decided to move away from my old 1024-bit DSA
OpenPGP key, landing to a shiny new 2048-bit RSA one.

[0] http://eurocrypt2009rump.cr.yp.to/837a0a8086fa6ca714249409ddfae43d.pdf

The old key will continue to be valid for some time, but I prefer all
future correspondence to come to the new one. I would also like this
new key to be re-integrated into the web of trust. This message is
signed by both keys to certify the transition.

The old key was:

$ gpg –with-fingerprint –list-keys 57F795E8
pub   1024D/57F795E8 2008-04-25
Key fingerprint = 2CA5 1131 578D 9175 0A54  B0E8 4BB3 6254 57F7 95E8
uid                  Nathan Handler <nhandler@ubuntu.com>
uid                  Nathan Handler <mrcheatr@gmail.com>
uid                  Nathan Handler <nathan.handler@gmail.com>
uid                  Nathan Handler <nhandler@kubuntu.org>
uid                  Nathan Handler <nhandler@nubuntu.org>
sub   2048g/B980FFDC 2008-04-25
$

And the new key is:

$ gpg –with-fingerprint –list-keys 3933A7CE
pub   2048R/3933A7CE 2009-05-10
Key fingerprint = F30E EA8C 3446 F59E F0DB  433C 2335 FB3F 3933 A7CE
uid                  Nathan Handler <nhandler@ubuntu.com>
uid                  Nathan Handler <mrcheatr@gmail.com>
uid                  Nathan Handler <nathan.handler@gmail.com>
uid                  Nathan Handler <nhandler@nubuntu.org>
uid                  Nathan Handler <nhandler@kubuntu.org>
$

To fetch my new key from a public key server, you can simply do:

gpg –keyserver keyserver.ubuntu.com –recv-keys 3933A7CE

If you already know my old key, you can now verify that the new key is
signed by the old one:

gpg –check-sigs 3933A7CE

If you don’t already know my old key, or you just want to be double
extra paranoid, you can check the fingerprint against the one above:

gpg –fingerprint 3933A7CE

If you are satisfied that you’ve got the right key, and the UIDs match
what you expect, I’d appreciate it if you would sign my key:

gpg –sign-key 3933A7CE

Lastly, if you could upload these signatures, I would really appreciate
it. You can either send me an e-mail with the new signatures (if you
have a functional MTA on your system):

gpg –armor –export 3933A7CE | mail -s ‘OpenPGP Signatures’ nhandler@ubuntu.com

You could also use caff(1) from http://pgp-tools.alioth.debian.org/
(signing-party package on Debian GNU systems):

caff 3933A7CE

Or you can just upload the signatures to a public keyserver directly:

gpg –keyserver keyserver.ubuntu.com –send-key 3933A7CE

Please let me know where you upload your signatures, if there is any
trouble, and sorry for the inconvenience.

Regards,
Nathan Handler
– —–BEGIN PGP SIGNATURE—–
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkoG9bYACgkQS7NiVFf3lejcWgCcDZszRcW9tcMklGbUl1B0xVo6
ogIAn2EkN1D1QqVllzz5QmBB/7m6lRrE
=+3uH
– —–END PGP SIGNATURE—–
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1.4.9 (GNU/Linux)

iQEcBAEBCAAGBQJKBvW+AAoJECM1+z85M6fOLacH/jtCoqlsmlfmtfcUzfcbO+LV
5FGAzD9Kb471xurp/SEEn7R4JOG9n7xsOQCwM9QOwYfnGilKXI2/gv3i5cmXYg4l
ITcdnVagh2AfRVjw5Az+Xee5kQoBqDNMFlmWkybK4aNSA679CWtgzRlF9pj99LwN
7Q0XEgdvDE1ZBwnSUXwgNBoRTopJN/tWqNDC5tKw0eozNV22qbf4kn81rmV2brNj
7xBqtXCNDELnHKFVPHFP2w4ahrlqHaWhFRQ4GeJrwnYg6lyBmHo/CJCBPa2shX+p
HGM9F/684oD1pTBRxylWYwteG75pJiFjShMe//Jj0ZBauenXH8IUZiImbyVdKXU=
=gcIP
—–END PGP SIGNATURE—–

Advertisements
This entry was posted in Planet Ubuntu. Bookmark the permalink.

One Response to New GnuPG Key

  1. Hi Nathan,

    I am trying to reach you to discuss potential career opportunities with Google and your career aspirations.

    I can be reached at anytime at mikemarshall@google.com,

    Cheers!

    -Mike

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s