-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 I am transitioning my GPG key to a new key that is only stored on hardware tokens and airgapped systems. The old key will continue to be valid for some time, but I prefer all new correspondence to be encrypted with the new key. I will be making all signatures going forward with the new key. This transition document is signed with both keys to validate the transition. If you have signed my old key, I would appreciate signatures on my new key as well, provided that your signing policy permits that without reauthenticating me. The old key, which I am transitioning away from, is: pub rsa4096/A9A8A2C9D19E1804 2011-12-29 [SC] Key fingerprint = 3EFE 50A3 C36E 01F7 B289 765D A9A8 A2C9 D19E 1804 The new key, to which I am transitioning, is: pub rsa4096/8816F018ADCAC78A 2016-05-28 [C] [expires: 2019-05-28] Key fingerprint = 3A38 8232 D466 0481 046C 759B 8816 F018 ADCA C78A To fetch the full new key from a public key server using GnuPG, run: gpg --keyserver pool.sks-keyservers.net --recv-key 8816F018ADCAC78A If you have already validated my old key, you can then validate that the new key is signed by my old key: gpg --check-sigs 8816F018ADCAC78A If you then want to sign my new key, a simple and safe way to do that is by using caff (shipped in Debian as part of the "signing-party" package) as follows: caff 8816F018ADCAC78A Please contact me via e-mail at if you have any questions about this document or this transition. Valentin Ochs a@0au.de 2016-05-29 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJXSm36AAoJEDsRUoE6tPB9YmkP/Ah3URALICsfBF1/j23MSY52 8SwFqb5iH9YT9BjUayPTOzo0Eg+PxJHLkNg6gEIxF6DSSvzMU1TQaanokytCwmSN kI21uBQa+L/Lm//q6Uwhcd+eKeGuY+QomTHVJSLHtdbf1vLwakn6L+J6CvTgt1VR W7ac8qpd71hYuase6/1O5BGpI4I71WYqXOBgyrvveoVv7b3I1GGCbpwudU0JBYnY 1/QWjWQI3kLNzT8+sWoj6m+kSdmsgBCpKACR8nf6+wN7RPx92FIBTjHTd7UoTnZR 2Gqkv1gsWMLcJGwtc/VIfSVNOHQFBh3pmXHIpXUE5S/1489G0YwAFCqMj3+dwCaB rpiBxdfRk9t9+Lm2fOpFrzeDSn7QU1YN5BjRCE+aq4Ynl5ESlIdy7bRWQJX9Yf9s Y8/6H680Uw5l08cJ8kVE50LmhmgWJGu9p7foMYTDErgOpQAE0c0YOWVAXpJaSvk1 0aFq6Ad+9GDO8MHNmAZTj5tQ+KlVbt+7NXBBQ2Uqa21ynVtUkcL/dftDvKwTf/D6 8LMguveHFbI/WFOxFJpyiE7t2A9G9iY41O1+WqAZWcG1tjS+G9tHf1FuN3vzBGHe AH+bVNb4AxjEmCSQorxMiuHtPHjGRMbqz4Q1eHrAx/is61Z2QE6wzZHCXGqgf2/x 9jdF9ltmrB1p3h8kzn3QiQEcBAEBCAAGBQJXSm36AAoJEFiK1HsdBr6ZYmkIAK83 5X6bRrqF9kb9ioZuOXZDciAl89sgfDtvU14NbWoaUqn1kgwytuJuvTwXZrWNlfiX 1n+8yJpTe3N5nWo9PWL+Hlw4v/ySWFtzeyQppV3yc2UpFCVAzs8Rpsb3HpQZfQKT HbLMXRY57HWGCSqpugY/cNkRoL+YJBcW3lnmuz6JpiI7yNrk3oAIYUUYt+2rbt6H zLbCyY3NEst2O6JDjNdZJzAZu24pecjlHv7NDt/1+/31D/cFhjuxBj7KJNlRiid9 CzCn9f//6L4paXTLdq8CC0PZZYkyK+Rz+dhv8UIFlCQXOibcFwM+69K/iQhjg/Ey NZ3tzAy6+5s0/0ytN/Y= =UyZr -----END PGP SIGNATURE-----