Artificial truth

The more you see, the less you believe.

[archives] [latest] | [homepage] | [atom/rss/twitter]

I've got a new gpg key
Thu 13 August 2015 — download

gnupg logo

For a number of reasons, I've recently set up a new OpenPGP key, and will be transitioning away from my old one.

The old key will continue to be valid for some time, but I prefer all future correspondence to come to the new one. I would also like this new key to be re-integrated into the web of trust.

My old key was:

pub   4096R/9768FD3CC48815F2 2010-10-14 [expires: 2016-10-12]
      Key fingerprint = F808 881C CDEE 45FD 37E9  6896 9768 FD3C C488 15F2
uid               [ultimate] VOISIN Julien <>
uid               [ultimate] Julien Voisin <>
uid               [ultimate] Julien Voisin <>
sub   4096R/B316D919F9BFABC7 2010-10-14

And my new one is:

pub   4096R/04D041E8171901CC 2015-07-25 [expires: 2020-07-23]
      Key fingerprint = 9FCD EE9E 1A38 1F31 1EA6  2A74 04D0 41E8 1719 01CC
uid               [ultimate] Julien (jvoisin) Voisin <>
uid               [ultimate] Julien (jvoisin) Voisin <>
uid               [ultimate] Julien (jvoisin) Voisin <>
sub   4096R/AC28F00D0351B960 2015-07-25 [expires: 2020-07-23]

To fetch the full key from a public key server, you can simply do:

gpg --keyserver --recv-key AC28F00D0351B960

If you already know my old key, you can now verify that the new key is signed by the old one:

gpg --check-sigs AC28F00D0351B960

If you don't already know my old key, or you just want to be double extra paranoid, you can check the fingerprint against the one above:

gpg --fingerprint AC28F00D0351B960

While we're speaking about GPG, I would highly recommend monkeysign if you don't already have a fancy setup to manage keysigning; and also parcimonie (or even better, its bash version) to refresh your keyring without leaking it.

Please let me know if you have any questions, or problems, and sorry for the inconvenience.