125B 5A0F DB78 8FDD 0EF4 1A9D C785 B90B 5053 A3A2
The previous, deprecated key has id 0x7640947667756F5D and fingerprint:
1645 B6EE 8311 1A03 03F2 B896 7640 9476 6775 6F5D
You can download both keys from wwwkeys.pgp.net. You can usually search by name or by id (in which case you'll probably have to include the 0x prefix). Be sure to check the fingerprint of the key you have downloaded in any case.
If the wwwkeys.pgp.net server you contacted is having problems, you can still download my current key from here (old one here), but this may be less up-to-date than what you should find on wwwkeys.pgp.net.
Here follows my “official” transition statement from key 0x7640947667756F5D to 0xC785B90B5053A3A2, signed by both of these keys:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1,SHA512 Friday, April 29th, 2016 Hello, Because of weaknesses discovered about the SHA-1 hash function, I have created a new OpenPGP key in March 2010, and been transitioning away from the old one. The old key is now deprecated; I prefer all correspondence to come to the new one. I would also like this new key to be reintegrated into the web of trust. This message is signed by both keys to certify the transition. The old key was: pub dsa1024/0x7640947667756F5D 2000-01-14 Key fingerprint = 1645 B6EE 8311 1A03 03F2 B896 7640 9476 6775 6F5D and the new key is: pub rsa4096/0xC785B90B5053A3A2 2010-03-17 Key fingerprint = 125B 5A0F DB78 8FDD 0EF4 1A9D C785 B90B 5053 A3A2 You can fetch the new key from a public key server: gpg --keyserver pgp.mit.edu --recv-keys C785B90B5053A3A2 or, alternatively, from my web page: wget -q -O- http://frougon.net/OpenPGP-key.asc | gpg --import - You should verify that the key you imported with this command (C785B90B5053A3A2) has the same fingerprint as stated above in this document: gpg --fingerprint C785B90B5053A3A2 If you have my old key in your keyring, you can now verify that the new key is signed by the old one: gpg --check-sigs C785B90B5053A3A2 If you are satisfied that you've got the right key, and the UIDs match what you expect, I'd appreciate it if you could sign my new key: gpg --sign-key C785B90B5053A3A2 and upload the resulting signatures to some place where I can find them. You can send them to me by e-mail like this (if you have a functional MTA on your system): gpg --armor --export C785B90B5053A3A2 | mail -s 'OpenPGP Signatures' firstname.lastname@example.org or, alternatively, upload them to a public key server: gpg --keyserver pgp.mit.edu --send-keys C785B90B5053A3A2 Thanks in advance. Please let me know if you encounter any trouble with these instructions, and sorry for the inconvenience. Regards, Florent Rougon -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iEYEARECAAYFAlcjzXkACgkQdkCUdmd1b10A5wCgwTdggL7ha20YlfHq7PUhHiRf JiUAn0ynTtT5g2VFwe8PwsqRBDVuITeCiQIcBAEBCgAGBQJXI82FAAoJEMeFuQtQ U6OiYaUQAJkSC3fPNNE0PszxZw+2dhac6aJc+4UJYme61bsTpyyfIv4ezN5HUjNX j/yoM+LbEOjPzJ4yAVr94bi3B8VlLpheVcrOTRw09yiwExCx0na//IZRDcL/osC7 aeusl7DP8sJTIY1wcW09L+qwzOPECDg93t1iVKY8px0PLpUeVDjFIIDQ1x6a+sGZ YdGZmKITLngRibYCJ8q105yhb+xQO0UssrAwx98kQLs6/u2rQhi1X1DS3Ob0YH74 GrhXHRCL3GJr6pJa0hW5Yw0maFVoTfPXCAbRdXycEKz1Brd1Vq/6PZjwvQ2XlBIy Ov0X+s64X2E9RbMLU6P8QLzH0SI1pt1JUF1AWcF6xet4jwwFkv78CTkQqSbc3HfZ LrgS+h9AbfKzutUA++zgPd5Vyhb24YvWxcJQ4gGtelx3Qk5V+BNW7+ntQ3SRpkYf cIEqu4wxsXMLF+01/HJAdlRifeYWRjw1Yh2SrFK7sivgEM78wGcASAfaSlSBJzrn s31ifOW9d50mxLWcCsqjDWtIkJXX9BDRLU+n/cwDuKJO0HieF9EuufhQZAmErKqE 4Kd/cINn/DxsHdNf9J6jq6BHVKBbXPNbEIo/P4a3DnweDA1TwEmFz/ykvL9AWb/x xch9eCvggKD/oCKQvIEq4Ps0Vx/R8cHXPUbvqaaeioZioLsdA6/9 =VhpX -----END PGP SIGNATURE-----