Re: [Sks-devel] sks-peer.spodhuis.org maintainer PGP key update

[Phil Pennock]

On 2014-08-29 at 14:22 -0400, Phil Pennock wrote:
> I have a new(ish) PGP key, which is in the strong set and which I am now
> finally set up to conveniently use with email, so I can switch away from
> using my old 1024/DSA key 0x403043153903637F.
> 
> I am now using 0x4D1E900E14C1CC04 4096/RSA.  This key is signed by the
> old one, with a signing policy statement which references text saying
> "it's one of my keys", so rather than mess around to try to send this
> one message with the old key, I think this should be sufficient for
> folks to verify authenticity.
> 
> pub   4096R/0x4D1E900E14C1CC04 2013-10-22
>       Key fingerprint = ACBB 4324 393A DE35 15DA  2DDA 4D1E 900E 14C1 CC04
> [...]
> sig 3   P    0x403043153903637F 2013-10-22 never       Phil Pennock 
> <censored-against-spambots>
>    Signature policy: https://www.security.spodhuis.org/PGP/policy/self
> 
> If you are peering with me, please update your membership line with:
> 
> sks-peer.spodhuis.org 11370  # Phil Pennock <address@hidden> 
> 0x4D1E900E14C1CC04

Just to say: I'm about to issue a superseded revocation for the old key,
so if you still have 0x403043153903637F listed in your membership file
for me, please do switch it to record: 0x4D1E900E14C1CC04

pub   rsa4096/0x4D1E900E14C1CC04 2013-10-22 [SC]
      Key fingerprint = ACBB 4324 393A DE35 15DA  2DDA 4D1E 900E 14C1 CC04

Since the old key is about to be revoked, I'm only signing this email
with the newer key; the signature policy should provide assurance that
the holder of the old key asserts that the "new" key replaces it.

After almost three years and a Strong Set MSD of less than 5, I think
it's safe to switch, and more formally revoke the old key.

-Phil

signature.asc
Description: Digital signature