On Mon, Jul 16, 2012 at 10:54:11PM +0100, Steve Engledow wrote:
If you're going to do key-signing can you all update to "strong" keys please (ie something that's at least 2048 bits in size and uses a hash from the SHA-2 family; there are quite a few 1024D/SHA-1 keys in use it seems). If you're not sure how to generate one the instructions at:
Good thinking Noodles.
I've generated a new key F3C186D1 (fingerprint 8327 7F9B 98AF 5D29 EDC2 A42B BFF7 1C0A F3C1 86D1) and attached it to this email.
I've signed it with my old key and signed this email with my old key so that should be enough for you to trust it.
If not, here's a block of text which I've signed with the new key :)
How does that convince me that your old key hasn't been compromised and the person who now has control of it isn't trying to present a new key as "you" that you then can't read?
(I'll sign your new key when I meet you in person and exchange fingerprints.)
J.