OpenPGP Key Transition Statement for {fullName} I have created a new OpenPGP key and will be transitioning away from my old key. The old key has not been compromised and will continue to be valid for some time, but I prefer all future correspondence to be encrypted to the new key, and will be making signatures with the new key going forward. I would like this new key to be re-integrated into the web of trust. This message is signed by both keys to certify the transition. My new and old keys are signed by each other. If you have signed my old key, I would appreciate signatures on my new key as well, provided that your signing policy permits that without re-authenticating me. The old key, which I am transitioning away from, is: {{gpg --keyid-format=0xlong --with-fingerprint -k {oldKeyId} | head -n 2}} The new key, to which I am transitioning, is: {{gpg --keyid-format=0xlong --with-fingerprint -k {newKeyId} | head -n 2}} The entire key may be downloaded from: {pubKeyUrl} To fetch the full new key from a public key server using GnuPG, run: gpg --keyserver keys.gnupg.net --recv-key {newKeyId} If you already know my old key, you can now verify that the new key is signed by the old one: gpg --check-sigs {newKeyId} If you are satisfied that you've got the right key, and the User IDs match what you expect, I would appreciate it if you would sign my key: gpg --sign-key {newKeyId} You can upload your signatures to a public keyserver directly: gpg --keyserver keys.gnupg.net --send-key {newKeyId} Or email {email} (possibly encrypted) the output from: gpg --armor --export {newKeyId} If you'd like any further verification or have any questions about the transition please contact me directly. To verify the integrity of this statement: wget -q -O- {pubStmntUrl} | gpg --verify /{firstName}