GPG key transition

Posted on

Some time ago I blogged about resuming the use of my GPG key (with short-ID FEA2A3FE, which I always thought was a neat ID). On that post someone commented that the key way weak and didn’t follow current best practices (no wonder, the key was created in 2002). A recent LWN article on key-ID collisions made me realise it was time to take some action. So here’s a statement, signed with my old and new key. I am aware of the irony of serving those up over HTTP.

The GPG key for Adriaan de Groot is now

sec 4096R/0x7FEA3DA6169C77D6 2016-06-11 [expires: 2018-06-11]
Key fingerprint = 00AC D15E 25A7 9FEE 028B 0EE5 7FEA 3DA6 169C 77D6

it used to be

sec 1024D/0x76ACEE01FEA2A3FE 2002-06-18
Key fingerprint = 934E 31AA 80A7 723F 54F9 50ED 76AC EE01 FEA2 A3FE

I was kind of attached to my short key-ID, so I’m glad to see FEA3 return in my new long key-ID. The new key has been sent to the sks-keyservers pool and should be available where ever needed. While I don’t expect to use much GPG, those things that need signing will be signed with the new key.