Heute ist Neujahr. Für mich traditionell ein Datum, zu dem ich mich um meine persönliche Crypto-Infrastruktur kümmere.
Dieses Jahr habe ich entschieden, neue GPG-Keys basierend auf dedizierten Smartcards, konkret Yubikeys, zu verwenden, deren Laufzeit ich dafür jedoch deutlich erhöht habe. Die neuen Keys habe ich dediziert offline erstellt und werde sie ausschließlich auf besagten Hardware-Security-Modulen verwenden.
Anbei findet ihr mein vorläufiges Key-Transition-Statement:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Date: 2020-01-01
For a number of reasons, I have recently set up a new OpenPGP key,
and will be transitioning away from my old one.
The old key will continue to be valid for some time, but I prefer all
future correspondence to come to the new one. I would also like this
new key to be re-integrated into the web of trust. This message is
signed by both keys to certify the transition.
The old key was:
pub rsa4096/0xDD74D08E812FC9CD 2017-01-01 [SC] [expires: 2020-02-01]
Key fingerprint = 29CC 134C ECBF B659 6CB5 DEFF DD74 D08E 812F C9CD
And the new key is:
pub rsa4096/0xFFDC1D0CC4733FA6 2020-01-01
Key fingerprint = FBBD 74B9 A751 925B B605 9948 FFDC 1D0C C473 3FA6
Note that the signing of this message may have been done by a SUBKEY of
that key, which may make the key id listed in the signature not match
the fingerprint listed here. You can verify it by checking the key listed
here for the subkey used in signing this message.
Please note as well, that the new key does not yet have a signature of the
old master key (which is an offline master key). It will be added later,
as soon as access to the old master key is restored.
Please let me know if you have any questions, or problems, and sorry
for the inconvenience.
Patrick Hanft
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEOJhAsmVDUuXRAMU2C0d47tUm2KwFAl4M3EoACgkQC0d47tUm
2KxS1hAAofa6PHtjCwK0IsLuKp1qLaS+gj+16CwP5ITWeeQ1oM6ZhGaNhktOd+mW
kg517Hzh35sMw2tie0Wk+dBw6XhEhLUJmvZR5rkTu/sGAhV0Gpys+3d689LUohUD
ilfszxZa56ovyCoq9bOyRqmUjSpM+6TFrS795G0rDS4YayIHsTLm7ADwF3EEy9Rt
hnvmV7IbGQMJoMfetRUSu67++SEyEogZxRsGfgcXEXTqdSsNHDq6oD8SPx5moTr0
9Y8siFLU/k6UCI6qnYv9/vB70Nk9MFjXXPp9+ALPD5FL09CVCpEn6HUZmJ0RZhFK
c8aE28zWJDkznxlXCw2sfT2jQ0abA90B3isz4mjpiXl13OWIPZxfRn0nBZn05xMn
lS4zA7Drd7Mf4EIpdCHGojyuChxcnr/2mS8Twh4VcDgQVyFwO1SE+Lmgr64Qfjkr
xEmZTmBqQa2zrSKB/BeSWc+U1swF94IxJY1Mx4bJ1QC1xZ85aldMYuwCJzNTP+cc
uTuuDnRsJBWAVcAk3sorOz8nnFHjUON5Qq3Zprafz7+EDyg4AVqLZ533uWyzNBqb
JvuEMFXGGz66sNnNuJpItwLG0ZLZhP4kH8HAlvZNo7AWRbaIO3kzFfR6uqoKnQ61
6okEYnkCLQxOWOvttRufdLWfACHn8o1JOSitGebTqTpY0/5C41yJATMEAQEKAB0W
IQRB4B56XDn9/7IjPbVvTalm6EpDogUCXgzcSgAKCRBvTalm6EpDohpmB/9cGlGm
fbJXJN6b/uzJXkNVwxNdCjNnAVkxjr2wjGDbSCBR89LUuE2zG5WbPVP9AwiLHrKK
roF/4QE17UqQXA7LsyswY+ioQQxlS74RYFTgc3gz6nx6DXjlKRFDedNdfbYmirRt
VdXESaRDCm2wrnu6nhHlusEIvCJBJxnHawA4Vk+IF/qeyjzuqMqK+lkG5HVRdjZ9
cIr7Hpr5C3VpvPwDdMUGkqralnsnwXj/lTnY8XV+oGi9Xkb3UZvKTppL5BYeAoXC
r/XNxFfLXDxyymXXKCU2DcU30YDFrhRPCIh4squDLRKjlWneK1WD7YgXzxwDHJN2
aENO1ka3+89GKAV/
=0/Kd
-----END PGP SIGNATURE-----