Encryption is in the news a lot these days for some reason. Â I’ve been doing encryption using the PGP family of encryption systems for quite a while now, but hadn’t been paying close attention until a recent reminder landed in my inbox from the Debian project. Â They warn about “1024D” GnuPG keys being weak, which is a fancy way of saying “the way all the cool kids created keys back in the late ’90s”. Â Including yours truly. Â Oops!
So, it’s time to replace my key. Â I’ve uploaded the new one to the key servers and created a transition statementÂ per the guidelines in this fine document, with some changes inspired by others doing the same. Â The details are in the transition statement, so I won’t bore you with long strings of hexadecimal numbers here.
The next step is to get signatures for the new key. Â I’ll be at the Linux Foundation Collaboration Summit next week, and would greatly appreciate meeting with people in person to do key signings. Â If there are any key signing parties happening, please invite!
Sorry for everyone who’s wondering what I’m talking about. Â We all have secrets to keep, and conversations we wouldn’t want spread around; encryption gives you a little more control over that. Â Plus, encryption lets you “authenticate” people, which is a fancy way of saying “is that you, George?” when you get messages from people, and letting them say “is that you, Jeff?” when you send messages back. Â If you want to learn more about taking control of your communication, post a comment, email me, or search for “PGP”, “GnuPG”, or “encryption” in your favorite search engine.