2016-09-05 6 months ago
The whole news about the "Evil32" attack on PGP keys made me have a long look at the key I used at home for my private e-mail, which was already almost 18 years old. Opinions about the best use of PGP have changed, risks have changed. So I followed some advice from Creating the perfect GPG keypair - Alex Cabal although 'perfect' is a bit overdone. I added the subkey for normal use, added a picture and cross-signed the new key with the old key. But in the end, the new key for my private e-mail addresses is:pub 4096R/0x5BA9368BE6F334E4 2016-09-05 [expires: 2021-09-04] Key fingerprint = 979B CF89 EBBF 9AC9 6A14 F56A 5BA9 368B E6F3 34E4 uid Koos van den Hout <firstname.lastname@example.org> uid Koos van den Hout (http://idefix.net/) <email@example.com> uid [jpeg image of size 11615] uid Koos van den Hout <firstname.lastname@example.org> sub 4096R/0x308216DA78517E3D 2016-09-05 [expires: 2021-09-04] sub 4096R/0x3B17C9ABE4A3C916 2016-09-05 [expires: 2021-09-04]The key is now available via my PGP page and via the keyservers: 0x5BA9368BE6F334E4 on the keyservers Now the next step is to start collecting signatures.