-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

I am transitioning from an old OpenPGP/GnuPG key to a new one.

The old key is this one:
pub   rsa4096 2015-12-13 [C] [expires: 2020-07-13]
      C5FFC7072E7E54E352A028E52721FAA286AC2D96

At the time of writing, I have already set it to expire in one week. After
signing this transition statement with it, I will revoke it entirely.

The new key is this one:
pub   ed25519 2020-07-05 [C] [expires: 2021-01-01]
      144FEA6B3FF0F6EFD035963B38ACA93052B3EB9A

You should be able to retrieve it at <http://scy.name/keys/52B3EB9A.asc>.

I am planning to keep that new key for a long time and extend its validity twice
a year about three months before the expiration date.

The main reason behind this migration is to switch to elliptic curve
cryptography. I am replacing my old YubiKey with a new one that supports ECC.
Also, GnuPG and SSH support ECC long enough now that I should be able to use it
on all of my machines, and people I interact with should be able to use it, too.

The old key has been used to some degree, but I did not extend its expiration
date for years now, because I wasn't using GnuPG at all. It had therefore expired
on 2017-12-12. There are no indications that it has been compromised.

Since signing a file with two different YubiKeys at the same time is somewhat
difficult, I am signing this document only with the old key. I've also used the
old key to sign the new key, but not the other way around: After all, I want
people to stop using the old key, not give it any more credibility.

This document will be published at my (horribly outdated) website at
<http://scytale.name/files/2020/07/2020-07-06-openpgp-migration-86AC2D96-to-52B3EB9A.txt.asc>.
I will also link to it on Twitter and Mastodon.

Please contact me if you have any questions.

Tim Weber - scy@scy.name - Twitter: @scy - 2020-07-06

-----BEGIN PGP SIGNATURE-----

iQEzBAEBCgAdFiEEHFcI4dr9RtP0Kiontt4kLIUqa0cFAl8DCt4ACgkQtt4kLIUq
a0fkPAgAlFk8hnhYGr2k+ykhwBAXI94GApaquP+zY1Qdc2Ylaw2E5Tpi0MdVi8CQ
kp2+MILlcWrNrW1Dm+qi+KYLUmbqp1W9Uay6cryFHS4S3UsOeiuI0kWMlxh8HoMK
DSvU2R84x7wawgVypm9RysjlghuWdf8DJQ+FFmQYrG48aM+xCoEIqhyn7DFYay8B
qymHzBvu98EILfLdSJV3DFsJexr6LLknVOeW7xNtS7jUALxKGgwOiqBB9zyn0kJ2
lBuAnu57fLGlbY9Ew1Q2Hg3Tc6/3btaTLjAZLxrd4Jld41km5INCn8kfc9G6EIQS
1JjsDsx7+FoUbVT47HkfJNQDjTog2w==
=r3mE
-----END PGP SIGNATURE-----