New PGP key
I have a new rsa4096 PGP key (0x1AA44BE649DE760A) created using gnupg. The master ([C]ertification) key is kept offline with the [S]igning, [E]ncryption and [A]uthentication rsa2048 subkeys held on a Nitrokey. The old one (0x8370665B57816A6A) is set to expire at the end of this year (after which I will probably revoke it).
pub rsa4096 2019-01-19 [C]
EC3C FE88 F6CA 0788 774F 5C1D 1AA4 4BE6 49DE 760A
uid Mark Wielaard mark@klomp.org
uid Mark Wielaard mjw@redhat.com
uid Mark Wielaard mjw@gnu.org
sub rsa2048 2019-01-20 [E]
31D5 60E6 EC7E 13B8 8724 A568 AE58 4E5D 7893 950F
sub rsa2048 2019-01-20 [S]
1276 8A96 7959 9010 7A0D 2FDF FC57 E3CC ACD9 9A78
sub rsa2048 2019-01-20 [A]
0EBC BDFB 00AC 689B C7C0 FEE4 85C7 C86B C843 7776
Get the new public key at https://gnu.wildebeest.org/~mark/gnupg-pub.txt or from one of the keyservers with gpg --recv-key 0x1AA44BE649DE760A.
I’ll use the new (signing) key for release tar balls (elfutils 0.176 was signed with the new key). And I am using gpg-agent --enable-ssh-support now so I can use the new (authentication) key for ssh access. To get my current ssh pubkey simply gpg --export-ssh-key 0x1AA44BE649DE760A.
Clear signed text of the above statement.