[HacktionLab] GPG Key Transition

John johnc at aktivix.org
Mon Sep 13 00:42:11 BST 2010


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi,

I've recently set up a new GPG key, and will be transitioning away from
my old one in the not too distant future.

My motivation for this is the recent vulnerabilities that have been
discovered in the SHA-1 cryptographic hash function which is currently
the default algorithm used for electronically "signing" emails via GPG.
My new key uses the more secure algorithm SHA512.

The US National Security Agency (NSA) will stop using the SHA-1
algorithm by the end of the year (just in case you thought I was
succumbing to an especially bad bout of paranoia ;-).

Check out the link below for more details:

http://www.debian-administration.org/users/dkg/weblog/48

The old key will continue to be valid for a time, but I prefer all
future correspondence to be encrypted with my new public key if
encryption is required. I would also like this new key to be
re-integrated into the web of trust, i.e. please sign my new key.

Please first check that the information in this email is valid, so as to
avoid a potential man-in-the-middle attack. You can do this by first
checking that my new key (available from the key server(s) below) is
indeed signed by my old key.

pool.sks-keyservers.net

Cheers,
John.

P.S. For users who are more at ease with using a GUI solution such as
Thunderbird/Icedove and Enigmail to send secure email: A slightly
simpler solution than that outlined in the link above is available to
make the necessary changes. Only three lines need to be pasted into the
file gpg.conf and one into the file user.js. All other changes can be
made via Enigmail's GUI. I'll document this soon, when I have the time.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
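The check requested in the message (that the new key is signed by the old key), sketched as an added example that is not part of the original email: a shell function that reads the machine-readable output of `gpg --with-colons --check-sigs` and succeeds only if the old key made a good certification on the new key. The function names, key IDs and sample listing are constructed placeholders; the message itself gives no key IDs.

```shell
#!/bin/sh
# Added example, not from the original message. All key IDs are placeholders.
# Live use (old key already in your keyring, new key fetched from the key server):
#   gpg --with-colons --check-sigs NEW_KEY_ID | signed_by_old_key OLD_KEY_LONG_ID

# Exit 0 only if the listing on stdin has a verified certification by key $1.
signed_by_old_key() {
    old_id=$(printf '%s' "$1" | tr 'a-f' 'A-F')
    awk -F: -v old="$old_id" '
        $1 == "pub" { on_primary = 1 }   # user-ID certifications follow the pub record
        $1 == "sub" { on_primary = 0 }   # ignore subkey binding signatures
        # sig record: field 2 = check result, field 5 = signer key ID,
        # field 11 = signature class (10x-13x certify a user ID).
        # Check results: "!" good, "-" bad, "?" signer key missing, "%" other error.
        on_primary && $1 == "sig" && toupper($5) == old && $11 ~ /^1[0-3]/ {
            if ($2 == "!") good = 1
        }
        END { exit (good ? 0 : 1) }
    '
}

# Constructed colon listing for a new key AAAA... certified by an old key BBBB...
# $1 sets the check result gpg would report for the old key signature.
sample_listing() {
    cat <<EOF
pub:-:4096:1:AAAAAAAAAAAAAAAA:1284336000:::-:::scESC:
uid:-::::1284336000::0000::Example User <user@example.org>:
sig:!::1:AAAAAAAAAAAAAAAA:1284336000::::Example User <user@example.org>:13x:
sig:$1::17:BBBBBBBBBBBBBBBB:1284336100::::Example User (old key) <user@example.org>:10x:
sub:-:4096:1:CCCCCCCCCCCCCCCC:1284336000::::::e:
sig:!::1:AAAAAAAAAAAAAAAA:1284336000::::Example User <user@example.org>:18x:
EOF
}
```

A "?" result means the old key is not in the local keyring, so the cross-signature has not been verified and the check fails closed.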


