GPG Public Key

If you want to send me encrypted mail you will need to import my GPG public key into your keychain. As of February 19, 2014, my GPG public key ID is: 0x8cb0d0acb5cd81ec209c6cdfbd1a0e09c2f836c0

You can import my key by downloading it and then importing it:

$ wget https://mjanja.ch/wordpress/wp-content/uploads/2013/10/0x8cb0d0acb5cd81ec209c6cdfbd1a0e09c2f836c0.asc
$ gpg2 --import 0x8cb0d0acb5cd81ec209c6cdfbd1a0e09c2f836c0.asc

… or grabbing it from the OpenPGP public-key infrastructure:

$ gpg2 --recv-keys 0x8cb0d0acb5cd81ec209c6cdfbd1a0e09c2f836c0

Until of February 19, 2014

I was previously using the GPG key with ID: 0xf92c4bd91084bb5de14e20be9470dd588dd1026c. My key transition document explains in more detail why I switched to newer keys.

If you’d like to verify my key transition document, import both my old and new key and then use gpg2 --verify:

$ gpg2 --recv-keys 0xf92c4bd91084bb5de14e20be9470dd588dd1026c
$ gpg2 --recv-keys 0x8cb0d0acb5cd81ec209c6cdfbd1a0e09c2f836c0
$ wget https://mjanja.ch/wordpress/wp-content/uploads/2013/10/key_transition.txt
$ wget https://mjanja.ch/wordpress/wp-content/uploads/2013/10/key_transition.txt.asc
$ gpg2 --verify key_transition.txt.asc

The output should say “Good signature” for both keys. If you see a WARNING, it means GPG verified that the key(s) indeed made the signature, but the trust level is unknown/undefined.