Sun, 31 May 2009

For a number of reasons, i've recently set up a new OpenPGP key, and
will be transitioning away from my old one.

The old key will continue to be valid for some time, but i prefer all
future correspondence to come to the new one. I would also like this
new key to be re-integrated into the web of trust. This message is
signed by both keys to certify the transition.

the old key was:

pub 1024D/9F04ED5E 2004-01-15 [expires: 2010-02-21]
Key fingerprint = B79A 36D6 A269 F302 3D49 8678 34F2 527D 9F04 ED5E

And the new key is:

pub 4096R/440C5437 2009-05-31
Key fingerprint = 87C3 BF5F 034A 6801 338A 7963 4C1E 7C65 440C 5437

To fetch the full key (including a photo uid, which is commonly
stripped by public keyservers), you can get it with:

wget -q -O- http://alessiocaiazza.info/nolith.gpg | gpg --import -

Or, to fetch my new key from a public key server, you can simply do:

gpg --keyserver http-keys.gnupg.net --recv-key 440C5437

If you already know my old key, you can now verify that the new key is
signed by the old one:

gpg --check-sigs 440C5437

If you don't already know my old key, or you just want to be double
extra paranoid, you can check the fingerprint against the one above:

gpg --fingerprint 440C5437

If you are satisfied that you've got the right key, and the UIDs match
what you expect, I'd appreciate it if you would sign my key:

gpg --sign-key 440C5437

Lastly, if you could upload these signatures, i would appreciate it.
You can either send me an e-mail with the new signatures (if you have
a functional MTA on your system):

gpg --armor --export 440C5437 | mail -s 'OpenPGP Signatures' nolith@abisso.org

Or you can just upload the signatures to a public keyserver directly:

gpg --keyserver http-keys.gnupg.net --send-key 440C5437

Please let me know if there is any trouble, and sorry for the
inconvenience.

Regards,

--nolith

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)