Mast Kalandar

bandar's colander of random jamun aur aam

Sat, 14 Nov 2015

Public Key Transition


crypto, debian, gnupg [link] [comments ()] [raw]

Since 1024-bit keys are probably no longer safe and a number of other reasons, I've recently set up a new OpenPGP key, and will be transitioning away from my old one.

The old key will continue to be valid for some time, but I prefer all future correspondence to come to the new one. I would also like this new key to be re-integrated into the web of trust. This message is signed by both keys to certify the transition.

the old key was:

pub   1024D/5416E5B8 2004-10-13
      Key fingerprint = F160 CBB9 03C8 425D 4BBA  79F4 491F 8FDA 5416 E5B8

And the new key is:

pub   4096R/3A748810 2015-11-14
      Key fingerprint = 38AB 0F8E FBFB 40A8 7E6C  897A 68B6 06CC 3A74 8810

To fetch the full key (including a photo uid, which is commonly stripped by public keyservers), you can get it with:

wget -q -O- http://www.imsc.res.in/~kapil/pubwphot.txt | gpg --import -

Or, to fetch my new key from a public key server, you can simply do:

gpg --keyserver pgp.mit.edu --recv-key 3A748810

If you already know my old key, you can now verify that the new key is signed by the old one:

gpg --check-sigs 3A748810

If you don't already know my old key, or you just want to be double extra paranoid, you can check the fingerprint against the one above:

gpg --fingerprint 3A748810

If you are satisfied that you've got the right key, and the UIDs match what you expect, I'd appreciate it if you would sign my key:

gpg --sign-key 3A748810

Lastly, if you could upload these signatures, i would appreciate it. You can either send me an e-mail with the new signatures (if you have a functional MTA on your system):

gpg --armor --export 3A748810| mail -s 'OpenPGP Signatures' 

Or you can just upload the signatures to a public keyserver directly:

gpg --keyserver pgp.mit.edu --send-key 3A748810

Please let me know if there is any trouble, and sorry for the inconvenience.


Tue, 22 Sep 2015

National Encryption Policy

Sat, 05 Nov 2011

Encryption by Default?

Thu, 15 May 2008

Converting keys between SSH and SSL

Fri, 25 Nov 2005

Returning the Toshiba satellite

Archives

< November 2015 >
SuMoTuWeThFrSa
1 2 3 4 5 6 7
8 91011121314
15161718192021
22232425262728
2930     

2017, 2016, 2015, 2014, 2013, 2012, 2011, 2010, 2009, 2008, 2007, 2006, 2005, 2004, 2003, 2002, 2001, 2000, 1999, 1997, 1995,