Changing my OpenPGP master key
13 Jan 2017
After some thought, I decided to change my OpenPGP master key.
I created my current keypair without thinking too much about it, but now I realize the importance of proper key management, and I expect to use OpenPGP signing and encryption extensively in the future.
The main reasons for the change are:
- The key was created on a device connected to the Internet. The private key remained on that device for a long period of time, and even though I have no evidence of compromise, I cannot be sure.
- The key was created with a uid using an email address on a DNS domain that I don’t own: gmail.com. I could rely on revoking the uid, but I prefer to have a single uid.
If I had had my key signed by many others, in all probability I would not have changed my master key, but since my old master key isn’t widespread, I decided to take this step.
Here follows the public statement signed with my old key, my new key, and opentimestamped:
My New Public Key