-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1,SHA256 Wed, 14 Apr 2010 13:52:43 -0400 I have decided to create a new OpenPGP key and migrate from my old key due to SHA-1 security concerns and to correct the name associated with my UID. I have not recreated many of the UIDs present on my old key since I do not wish to receive messages at most of the addresses. My primary email address is the only one associated with my new key right now. This message has been signed by both of these keys so that you may verify that I am in control of both. Messages encrypted to my old key will still be accepted, but no new signatures will be issued from it. I will be going over my public keyring and issuing new key signatures to replace old ones after performing verification on each key to ensure it is still valid. For reference, my old key is: pub 1024D/9C3D5BB9 2004-09-06 Key fingerprint = BD82 FF63 534A DE88 12AB CFC2 AA59 39B1 9C3D 5BB9 And the new key is: pub 2048R/CF8338F5 2010-04-14 Key fingerprint = 2B7A B280 8B12 21CC 260A DF65 6FCE 505A CF83 38F5 You may obtain the new key either from a public key server: gpg --keyserver pgp.mit.edu --recv-key CF8338F5 Or by downloading it from my website: wget -q -O- http://www.chrishowie.com/files/chrishowie.asc | gpg --import - My new key has been signed by the old to indicate that I am authorizing this change. If you would like to verify the signature: gpg --check-sigs CF8338F5 If you have previously signed my key, I would appreciate your signature on my new key -- after, of course, you are confidant that I am actually in control of the new key. Note that, as stated above, not all of the UIDs present on the old key exist on the new key. If you have previously signed only UIDs that have not been transferred, please feel free to email the address on the key to verify that I am also in control of that address. My reply will be signed by both my old and new keys. You can sign the new key by issuing: gpg --sign-key CF8338F5 And finally, making this signature public by sending it to a key server: gpg --keyserver pgp.mit.edu --send-key CF8338F5 After doing this, I would be grateful for an email notice that you have signed my key, but you do not have to notify me if you do not want to. That is all. Please do not hesitate to email me with any concerns. -- Chris Howie -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkvGBcoACgkQqlk5sZw9W7kE3wCePy1A9I0SnqGhkNzyiUScM4W5 w1MAoIirbP7y1JaML8KJyeI7JRUlcSsjiQEcBAEBCAAGBQJLxgXKAAoJEG/OUFrP gzj182IIAIPk4cP1QkEGy98nns4hoJ12lfWe/2231w74AQ6XWOaXgVg3AlOl1mb2 70g2LhLDXx1EYAmilvXC1/pE6lo1gsYSncpH5ixtcjWa6T7qg2EBuGtrnEW3wHcn m6Xwgcs2TAeQ4Fk93yNS3blQPiuswEGXrICQeHHS5RvWQHMkBqaKRlcgy4aKy493 kxrGMx8gIShE0oYaVKhFTW4dKHBs7od75VI5oHTUcQ3tfAy3vAnu4R8wUsPmRZMo RnLSZtHHqqeQBfV6wgHfQQa9Wf/W4NALEFJ6DdGqiqFJLlIR73KF9iZq3Q8mTWoP LIpPNuHC8Sz3Us3aYe9DzALGYl8L5iU= =mIjp -----END PGP SIGNATURE-----