I've created a new 3072/RSA key and it's time to replace my old weak 1024/DSA key.
The old key ID is 237E9DB2, the new key ID is 0661CBBA. It's available from the keyservers.
I've published a transition document signed with both keys. If you’ve signed my old key, download the document, verify it and if it fits you, please sign the new key.
To do it, follow these instructions (also described in the transition document) :
To fetch my new key from a public key server, you can simply do:
gpg --keyserver pgp.mit.edu -recv-key 0661CBBA
If you already know my old key, you can now verify that the new key is signed by the old one:
gpg --check-sigs 0661CBBA
If you don't already know my old key, or you just want to be double extra paranoid, you can check the fingerprint against the one above:
gpg --fingerprint 0661CBBA
If you are satisfied that you've got the right key, and the UIDs match what you expect, I'd appreciate it if you would sign my key:
gpg --sign-key 0661CBBA
Lastly, if you could upload these signatures, i would appreciate it. You can either send me an e-mail with the new signatures (if you have a functional MTA on your system):
gpg --armor -export 0661CBBA | mail -s 'Sig' firstname.lastname@example.org
You have a last question ?
"Why not a RSA 4096 bits length key as almost everybody ?"
Hmm ... well ... because of the OpenGPG Smartcard v2 and GPG2 limits on key length and I want to be able to use my new key with this Crypto USB token (OpenGPG smartcard v2 inside).