New email and PGP key

2022-02-20 - Namkhai B.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Date: 20-02-2022

For a number of reasons, I have recently set up a new email, together
with a new OpenPGP key, and will be transitioning away from my old one.

The old key will continue to be valid for some time, but I prefer all
future correspondence to come to the new one. I would also like this
new key to be re-integrated into the web of trust.  This message is
signed by both keys to certify the transition.

The old key was:

pub   rsa4096/0A30AAE5BF54CEFE 2021-06-15 [SC] [expires: 2022-06-15]
      Key fingerprint = F7F7 4C22 E12E 765A CFFB  951B 0A30 AAE5 BF54 CEFE
uid                 [ultimate] Namkhai B. (Namkhai's code signing key) <namkhai.n3@protonmail.com>
sub   rsa4096/DAFE87AD70D12821 2021-06-15 [E] [expires: 2022-06-15]
sub   rsa4096/9DC021F538318528 2021-06-15 [S] [expires: 2022-06-15]

And the new key is:

pub   ed25519/C7C77DBFBE772EDC 2022-02-20 [SC] [expires: 2024-02-20]
      Key fingerprint = 948C A569 9CF0 83B3 D23C  09D4 C7C7 7DBF BE77 2EDC
uid                 [ultimate] Namkhai B. <me@forkbomb9.ch>
sub   cv25519/03C138269F38E49F 2022-02-20 [E] [expires: 2024-02-20]
sub   ed25519/87920A3B2A811186 2022-02-20 [S] [expires: 2024-02-20]

To fetch the full key from a public key server, you can simply do:

  gpg --keyserver hkps://keys.openpgp.org --recv-key '948C A569 9CF0 83B3 D23C  09D4 C7C7 7DBF BE77 2EDC'

If you already know my old key, you can now verify that the new key is
signed by the old one:

  gpg --check-sigs '948C A569 9CF0 83B3 D23C  09D4 C7C7 7DBF BE77 2EDC'

If you don't already know my old key, or you just want to be double
extra paranoid, you can check the fingerprint against the one above:

  gpg --fingerprint '948C A569 9CF0 83B3 D23C  09D4 C7C7 7DBF BE77 2EDC'

If you are satisfied that you've got the right key, and the UIDs match
what you expect, I'd appreciate it if you would sign my key. You can
do that by issuing the following command:

**
NOTE: if you have previously signed my key but did a local-only
signature (lsign), you will not want to issue the following, instead
you will want to use --lsign-key, and not send the signatures to the
keyserver
**

  gpg --sign-key '948C A569 9CF0 83B3 D23C  09D4 C7C7 7DBF BE77 2EDC'

I'd like to receive your signatures on my key. You can either send me
an e-mail with the new signatures (if you have a functional MTA on
your system):

  gpg --export '948C A569 9CF0 83B3 D23C  09D4 C7C7 7DBF BE77 2EDC' | \
    gpg --encrypt -r '948C A569 9CF0 83B3 D23C  09D4 C7C7 7DBF BE77 2EDC' --armor | mail -s 'OpenPGP Signatures' me@forkbomb9.ch

Or you can just upload the signatures to a public keyserver directly:

  gpg --keyserver hkps://keys.openpgp.org --send-key '948C A569 9CF0 83B3 D23C  09D4 C7C7 7DBF BE77 2EDC'

Please let me know if there is any trouble, and sorry for the inconvenience.
-----BEGIN PGP SIGNATURE-----

iQJOBAEBCAA4FiEEF+GiI6Py3+Tt65IjncAh9TgxhSgFAmISpnkaHG5hbWtoYWku
bjNAcHJvdG9ubWFpbC5jb20ACgkQncAh9TgxhSjT5Q//TAh7DFAoCZezk33KbxAT
1lDwUgt4P065u1R6RxkGyM2tAGtokra+KNdwoUsvqr6F71WUZ4iHAO2EisYii1iD
VCNE0j5mmTOei40iXq+PAUl78vpIRA3N+85Rd20eAPLOrSZuv7Rzy98tzHou5er/
TXbZYMuMhpiOtKkzMv3kSYkaa01mMo5UHN9Re8+M7d2cKGLu4vdFuWF3/8BlXxKo
YdSkAFaNiMC4jYp3ciYC9E86CMSy2JZxBr0vbnci6s0fCLkhVJcLTI6IBjPDEOzD
6bEVLIogU2fudqdeLezDc5rsC2/sLA/QqXM6vpGcFhzvJQtFV0w5aCX8hLCcMKzh
sp2dAsyXM7n1eY+YQkw90v5ECzJkWtWoM0JnsCI1dwbWt65eqvMWW6GOl+PqPaxA
9dhyaD73y4OO1Fkbovmevenq69SaxX1hfu3vcOruNSkjYUpXde3CkQ+zCnb0TSDe
jpZrB742cWqPK0rD6K8HBQG+2SUrswiM6pvmIn1oKvU+fuaS3JG/+bHOhftrZv8Y
MZZ25qFSa/RJWfPtaWc24VgqJUt5QTq3iInm1uKBxXw442kg2I48empfcl9fE9TD
0/WEroiXwzkbUuoMH6KQaf3zoyA7wJIJ1Gh1k6w2jbVw5tr0mHfrVT8QHlV2PAY1
uU+wjo+iQnk8KdsF8UpLMtk=
=fDbC
-----END PGP SIGNATURE-----

plaintext signed message (old key)

plaintext signed message (new key)