11 October 2010

Key transition

As Christian mentioned, the Debian Keyring Maintainers did a "promote" this weekend of the new keyring. I figure it's an opportune time to perform a public key transition, since this had the effect of replacing my key on the keyring.

For my new key, 0xF9FDD506, I decided to opt for a 4096-bit RSA, which is stronger than I should have to worry about for the foreseeable future. The key is much better connected than my previous one, 0x0AC70206. I also have a transition document, ripped almost word-for-word from Christian's.

If you signed my previous key, you should sign the new one unless you're feeling extra paranoid today.

1 comment:

  1. JFR, the main potential improvement with such newkey should be moving away from SHA-1 digest to stronger ones, like SHA-256 or SHA-512. You should make sure you use this stronger digest.

    ReplyDelete

Note: only a member of this blog may post a comment.