This Time Self-Hosted
dark mode light mode Search

New OpenPGP key

After seven years of “service”, I finally decided to discard my old OpenPGP key. I was already planning on doing so for a while (especially since it was still a 1024-bit DSA key), but the tipping point was reached today for two reasons: the first is that I received the FSFe Fellowship smartcard (as “Lefty” put it, FSFe seem to be concerned with matters more at hand than those the main FSF is concerned with, so I feel much more at ease to help FSFe rather than FSF itself), the second is that this year I should finally be able to attend FOSDEM (thanks to the fact I can finally board a plane without risking a heart attack; on the other hand I’m not going to board a plane alone so I’m going to take a train to Turin and then move with Luca).

FOSDEM here is a key reason for my switching key: my current key has no web of trust, the only signatures are those from the PGP Directory (automated non-human signatures), so it’s almost impossible to be sure I really exist. Finally being able to meet friends and colleagues is going to be helpful to fix that as well, and at this point starting from a new, clean key (which does not list outdated user IDs, nor my “old”
name) sounded like a good plan.

Anyway, I’d like to thank Daniel Kahn Gillmor (dkg from Debian) for his howto on key migration (although it still is signing with SHA1 — I wonder if it’s because of the card not supporting other digests?), and for his template for replacing the old key, in my case it’s available here and is signed with both my old and new keys for verification.

I’m currently uncertain on whether to replace my Gentoo manifest signing key with a sub-key of the new key after I got it signed, so that it also gets to be part of the web of trust.

Anyway, to finish it off, my new new key details are these:

pub   2048R/BB592443 2010-01-16
      Key fingerprint = F204 568C 03BD FD49 60EC  2DCC 1A82 AD57 BB59 2443
Comments 3
  1. Hey!I just recently recieved the Fellowship OpenPGP card as well and plan to use it, when I get a decent reader.Sooo, which USB reader would you suggest? I’d like it as small as possible — it’s a nice little laptop anyway 😉

  2. I have one (bulky) gemalto reader with pinpad (that I can’t seem to get working, with the pinpad) and one that is called bludrive from an Italian distributor (blutronics). The latter is the one I’m going to bring with me at FOSDEM, and works with both Linux and OSX (and actually, seem to read more card types than the gemalto).Anything supporting the CCID standard should probably work…

  3. Thanks, I’ll keep that in mind.Right now I have other expenses and problems, but in the future I’ll try to buy one that’d be as small and portable as possible for my nice little T400s :]Too bad I won’t go to FOSDEM (again) …it’d be fun meeting you one day IRL.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.