From 4ad3667dd39474e1e08d41fc9daa98981053c9d5 Mon Sep 17 00:00:00 2001 From: Ryan Schanzenbacher Date: Mon, 21 Feb 2022 03:32:11 -0500 Subject: Rotated GPG Key; updated key and added transition statement --- static/misc/gpg_key_rotation_signed.txt | 62 +++++++++++++++++++++++++++++++++ 1 file changed, 62 insertions(+) create mode 100644 static/misc/gpg_key_rotation_signed.txt (limited to 'static/misc/gpg_key_rotation_signed.txt') diff --git a/static/misc/gpg_key_rotation_signed.txt b/static/misc/gpg_key_rotation_signed.txt new file mode 100644 index 0000000..6e130f3 --- /dev/null +++ b/static/misc/gpg_key_rotation_signed.txt @@ -0,0 +1,62 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +Hello everyone! Writing this quick article to announce the rotation and subsequent retiring of my old GPG key to a new one! I'm doing this mainly because my key has grown rather large, and I'd like to transition my key from using a 4096-bit RSA key to a Ed25519 key, which should provide functionally the same amount of security (author of Ed25519 quotes it equivalent to ~3000 bit RSA key, but I do know that really isn't the best way to compare these two things :P ) + +So, with this announcement, I'd like to make the following points: +* My old key is not compromised, but will be revoked after making this announcement +* I will *not* use my old key to sign things, encrypt things, or authenticate with anything from this point onwards. If I do, something is terribly wrong. +* This new key has been cross signed by my old key, but I won't be cross signing my old key with my new one, since that seems to be a "can go either way" situation in this case, and I don't see the benefit as the key is being revoked regardless. + +This is the information of the key that is being revoked: +``` +pub rsa4096 2020-09-29 [C] + 2BC5D27B47EE5632F97A668012FAE298AAD38D3D +uid [ultimate] Ryan Schanzenbacher +uid [ultimate] Ryan Schanzenbacher +uid [ultimate] Ryan Schanzenbacher +uid [ultimate] [jpeg image of size 3237] +sub rsa4096 2020-09-29 [A] [expires: 2022-10-03] +sub rsa4096 2020-09-29 [E] [expires: 2022-10-03] +sub rsa4096 2020-09-29 [S] [expires: 2022-10-03] +``` + +And this is the information of my new key: +``` +pub ed25519 2022-02-21 [C] + 3E8745425417A3E388ACD906067DC3463E17741C +uid [ultimate] Ryan Schanzenbacher +uid [ultimate] [jpeg image of size 4437] +uid [ultimate] Ryan Schanzenbacher +uid [ultimate] Ryan Schanzenbacher +sub ed25519 2022-02-21 [S] [expires: 2023-02-21] +sub cv25519 2022-02-21 [E] [expires: 2023-02-21] +sub ed25519 2022-02-21 [A] [expires: 2023-02-21] +``` + +I'd recommend to update your keychains if you happen to have my key, and the key hosted on the homepage of this website has been updated to reflect my new key. + +[Here is the signed version of this message](/misc/gpg_key_rotation_signed.txt) + +If you have any questions/comments/concerns, you can reach out to me at ryan@rschanz.org. + +Thanks! +-----BEGIN PGP SIGNATURE----- + +iQIzBAEBCAAdFiEEgSnZdpRh8KnFgjqSPuc7pG1zrkwFAmITOQgACgkQPuc7pG1z +rkx7yg/+KNqyJBnEgZJ8uBCopIf+JcmbK+Bob+K7l3dru9MrFXFW+clG47GsIlQE +312Ucviyy4cmKDyUHtnjslOU2NHN6mSjFvqTlLORzfZ5btRvwrmq47OWe3/UR/u7 +0utyQpx8inxxQQxQpjQzidXenaAhdrHx0QaR/5vAnzANOH25NcLVGYfbFaHtmtd9 +vDboSBflfnOTdeBNSNph4geehn61IFVLyWB5KKACwiVzits3aho4ypbieARzVNlu +wHkOwF+qopLkvVUJ7PxtXo4Wg/+bdXjB3ebaum7LDf4kElmZ2OZVOilCH6YbSLup +5QgS/oVNe4OD9AAU46CrZoF1J7eI+v/uZRHBB0LWVKfC3ZDozrkLsTopDSY8WNzp +4blH5K/sxsCqyuJiIf/70qLQ7wzrnxbSLd+wx9iVIdbC5aQKU69qHDmcVfhBjMRn +IVx/imSBqCiaMprGAA9oVq8mPEWQy9VSKKowZaVobM6Ds7PF0eOcSBzNjfU6BJYH +hi0nXswvGeIktSUjE5ADErGsWwQYUICrS3g+E7bX3N6IXM0KzlvkpLeqsOe6tR9U +T6zpQNags2Ynya+1d5YwG34pupwxMhPA5eruY4IfG/19k7/rADIXP/ssYwOzJe10 +D0/bUELhJp+tdA2MeEdFc+6LnsE7NwdTCuFYBrmfjQpPaIVmneeIdQQBFggAHRYh +BMRQVv/0iy7ynufwHIGw4iKj4jCOBQJiEzkIAAoJEIGw4iKj4jCOKRIBAO8dr/UQ +G05VCW8BmsuUCp4XqitHgGWhANp39TMjBPcAAQDvjF6TX5kPDt817ZIwqmYxu6UJ +XSqaYABaQcOegqvNDg== +=BLA9 +-----END PGP SIGNATURE----- -- cgit v1.2.3