thoughts/_raw/about/key-transition.txt

Key Transition Statement
========================

New Fingerprint: D6E9 B930 028A 6C38 F43B  2388 FEF6 3574 5E6F 6D05
  2016-10-13

Old Fingerprint: 2217 5B02 E626 BC98 D7C0  C2E5 F22B B815 8EE3 0EAB
  2011-06-16


I have transitioned away from my old GPG key 0x0EAB to 0x6D05; the new
key will be used exclusively from this point forward.  Please
discontinue use of 0x0EAB.

The new key has been signed with the old to assert my identity and
introduce it into the web of trust.  This message has been signed with
both keys; two detached signatures are available:

  gpg --verify key-transition.txt.new.asc key-transition.txt
  gpg --verify key-transition.txt.new.asc key-transition.txt

The old 0x0EAB key will be allowed to expire on 2017-04-19, at which
time it will be revoked and marked as superseded.  This expiry will
allow the new key to remain in the web of trust until I can have my
new key signed at the LibrePlanet 2017 conference in March.  There is
little use in changing the expiration to an earlier date when many may
not update my public key until it has expired anyway.


Background
----------
My security practices have changed considerably since
the old 0x0EAB key was created back in 2011---I have no way to
guarantee that the secret key has not been compromised in some way in
past years, though I'm fairly confident that it hasn't.  The secret
key is also stored on the same box as the subkeys.

The new secret key is stored offline on encrypted storage and will
only be accessed using an airgapped system running a trusted,
hardened, ephemeral operating system (e.g. Tails).  The keys were
generated in that same environment.

The subkeys are placed on a tamper-proof smartcard (Nitrokey Pro, at
present).  The card will be locked after three invalid PIN attempts,
and bricked after three invalid Admin PIN attempts.  If the card is
ever misplaced or cardnapped, I will still revoke the subkeys for good
measure.

-- 
Mike Gerwitz
Free Software Hacker+Activist | GNU Maintainer & Volunteer
GPG: 575B 4A21 12A4 BB38 4B7E  3681 2E8F D41C 5322 6D05
Old: 2217 5B02 E626 BC98 D7C0  C2E5 F22B B815 8EE3 0EAB
https://mikegerwitz.com
: GPG key change and transition statement 2016-10-13 22:58:54 -04:00			`Key Transition Statement`
			`========================`

			`New Fingerprint: D6E9 B930 028A 6C38 F43B 2388 FEF6 3574 5E6F 6D05`
			`2016-10-13`

			`Old Fingerprint: 2217 5B02 E626 BC98 D7C0 C2E5 F22B B815 8EE3 0EAB`
			`2011-06-16`


			`I have transitioned away from my old GPG key 0x0EAB to 0x6D05; the new`
			`key will be used exclusively from this point forward. Please`
			`discontinue use of 0x0EAB.`

			`The new key has been signed with the old to assert my identity and`
			`introduce it into the web of trust. This message has been signed with`
			`both keys; two detached signatures are available:`

			`gpg --verify key-transition.txt.new.asc key-transition.txt`
			`gpg --verify key-transition.txt.new.asc key-transition.txt`

			`The old 0x0EAB key will be allowed to expire on 2017-04-19, at which`
			`time it will be revoked and marked as superseded. This expiry will`
			`allow the new key to remain in the web of trust until I can have my`
			`new key signed at the LibrePlanet 2017 conference in March. There is`
			`little use in changing the expiration to an earlier date when many may`
			`not update my public key until it has expired anyway.`


			`Background`
			`----------`
			`My security practices have changed considerably since`
			`the old 0x0EAB key was created back in 2011---I have no way to`
			`guarantee that the secret key has not been compromised in some way in`
			`past years, though I'm fairly confident that it hasn't. The secret`
			`key is also stored on the same box as the subkeys.`

			`The new secret key is stored offline on encrypted storage and will`
			`only be accessed using an airgapped system running a trusted,`
			`hardened, ephemeral operating system (e.g. Tails). The keys were`
			`generated in that same environment.`

			`The subkeys are placed on a tamper-proof smartcard (Nitrokey Pro, at`
			`present). The card will be locked after three invalid PIN attempts,`
			`and bricked after three invalid Admin PIN attempts. If the card is`
			`ever misplaced or cardnapped, I will still revoke the subkeys for good`
			`measure.`

			`--`
			`Mike Gerwitz`
			`Free Software Hacker+Activist \| GNU Maintainer & Volunteer`
			`GPG: 575B 4A21 12A4 BB38 4B7E 3681 2E8F D41C 5322 6D05`
			`Old: 2217 5B02 E626 BC98 D7C0 C2E5 F22B B815 8EE3 0EAB`
			`https://mikegerwitz.com`