New PGP Key Fingerprint

A 2 minute read.

EDIT(Xe): M02 11 2020 I fucked it up, this key is broken. Don't bother trying to use it, it won't work. Use age to send messages with the key ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPg9gYKVglnO2HQodSJt4z4mNrUSUiyJQ7b+J798bwD9 instead.

This morning I got an encrypted email, and in the process of trying to decrypt it I discovered that I had lost my PGP key. I have no idea how I lost it. As such, I have created a new PGP key and replaced the one on my website with it. I did the replacement in this commit, which you can see is verified with a subkey of my new key.

My new PGP key ID is 803C 935A E118 A224. The key with the ID 799F 9134 8118 1111 should not be used anymore. Here are all the subkey fingerprints:

Signature key ....: 378E BFC6 3D79 B49D 8C36  448C 803C 935A E118 A224
      created ....: 2021-01-15 13:04:28
Encryption key....: 8C61 7F30 F331 D21B 5517  6478 8C5C 9BC7 0FC2 511E
      created ....: 2021-01-15 13:04:28
Authentication key: 7BF7 E531 ABA3 7F77 FD17  8F72 CE17 781B F55D E945
      created ....: 2021-01-15 13:06:20
General key info..: pub  rsa2048/803C935AE118A224 2021-01-15 Christine Dodrill (Yubikey) <[email protected]>
sec>  rsa2048/803C935AE118A224  created: 2021-01-15  expires: 2031-01-13
                                card-no: 0006 03646872
ssb>  rsa2048/8C5C9BC70FC2511E  created: 2021-01-15  expires: 2031-01-13
                                card-no: 0006 03646872
ssb>  rsa2048/CE17781BF55DE945  created: 2021-01-15  expires: 2031-01-13
                                card-no: 0006 03646872

I don't really know what the proper way is to go about revoking an old PGP key. It probably doesn't help that I don't use PGP very often. I think this is the first encrypted email I've gotten in a year.

Let's hope that I don't lose this key as easily!

---

Share on Mastodon

This article was posted on M01 15 2021. Facts and circumstances may have changed since publication. Please contact me before jumping to conclusions if something seems wrong or unclear.

This post was WebMentioned at the following URLs:

• <p><span class="h-card"><a href="https://mst3k.interlinked.me/@cadey" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>cadey</span></a></span> FYI: Revoking a GPG key works if you have the revoke certificate, that you hopefully generated when you generated the key itself.</p><p>If you didn't, do it NOW for your new key, and store it somewhere SAFE (like... on a piece of paper under your Bed).</p><p>Also: Backup your private GPG key, so this does not happen again (again: on a piece of paper under your bed, or better, in a Safe with a physical lock, if you happen to have one).</p>
• Parth
• [email protected]

The art for Mara was drawn by Selicre.

The art for Cadey was drawn by ArtZora Studios.