Tue, 22 Jan 2013
New GPG Key (please re-sign it!)
My PGP key is almost 16 years old now - it has been created on 1997-03-15. It is a 1024-bit RSA key, which is not so strong by today's standards. So I have generated a new GPG key 4096R/A45477D5. I plan to phase out my other two keys, 1024R/D3498839, and 1024R/F0BEFD45 in the near future, and publish revocation signatures for them. My new GPG public key signed by both old keys is available at the following locations:
The fingerprint of the new key is:
B634 17E5 731B 4F42 69FA 57FF 9453 3581 A454 77D5
I hereby ask everybody who has signed some of my previous keys, or who has any means of verifying the above fingerprint by an independent channel (e.g. over the phone) to sign my new key and send me a signature. It is possible to do this in Linux using the following steps:
1. Obtain my public key
gpg --keyserver pgp.mit.edu --recv-key A45477D5
or use another keyserver instead of
pgp.mit.edu, or get the key from our webserver
wget -O - https://www.fi.muni.cz/~kas/pgp-A45477D5.txt | gpg --import
2. Display the fingerprint
gpg --fingerprint A45477D5
Verify the fingerprint (should be the same as above; you can also call me over the phone).
3. Sign the key
gpg --sign-key A45477D5
4. Export the key
gpg --armor --output A45477D5-signed.txt --export A45477D5
Now send the resulting file
A45477D5-signed.txt to me. Thanks!
NOTE: The plain-text version of this blog post, signed by my old key
1024R/D3498839, is available here.