I’ve recently set up a stronger (4096R) OpenPGP key, and will be transitioning away from my old (1024D) one. To a large extent this is about being able to use the SHA-2 family for signatures.
The old key will continue to be valid for some time, but I prefer all future correspondence to come to the new one. I would also like this new key to be re-integrated into the web of trust. Please see this statement signed with both keys, certifying the transition.
The old key was:
pub 1024D/FAF2463A 2006-11-20 Key fingerprint = 4947 BB72 9192 8645 CC8B F142 8AF2 8D1C FAF2 463A
The new key is:
pub 4096R/13CD4F59 2010-07-11 Key fingerprint = AFEB 2D24 4715 3F0D 9250 8A8B 5882 A0DC 13CD 4F59 uid Andreas Olsson uid Andreas Olsson uid Andreas Olsson uid Andreas Olsson sub 4096R/9A943D4A 2010-07-11
To fetch my new key from a public key server, you can simply do:
$ gpg --keyserver pool.sks-keyservers.net --recv-key 0x13CD4F59
If you already know my old key, you can now verify that the new key is signed by the old one:
$ gpg --check-sigs 0x13CD4F59
If you are satisfied that you’ve got the right key, and the UIDs match what you expect, I’d appreciate it if you would sign my key:
$ gpg --sign-key 0x13CD4F59
Lastly, if you could upload these signatures, I would appreciate it:
$ gpg --keyserver pool.sks-keyservers.net --send-key 0x13CD4F59
Please let me know if there is any trouble, and sorry for the inconvenience.