-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1,SHA256

In light of recently announced improved attacks on SHA-1, I've
recently created a new GPG key, and will be transitioning away from my
old key.

The old key will remain valid for the next few months, but I prefer
all future correspondence to come to the new one. I'd also like the
new key to be re-integrated into the web of trust. This message is
signed by both keys.

The old key was:

pub   1024D/F0648172 2008-07-20
      Key fingerprint = F535 8097 8BB5 584A 3694  4AC2 5883 CA4F F064 8172

The new key is:

pub   4096R/A8169ACF 2009-05-18
      Key fingerprint = C808 7020 87F6 8CD8 C818  F239 DFC1 CF0D A816 9ACF

To fetch the full key, you can get it with:

  wget -q -O- http://nelhage.com/gpg.key | gpg --import -

Or, to fetch the new key from a public key server, you can simply do:

  gpg --keyserver pgp.subkeys.net --recv-key A8169ACF

My new key is signed by my old key, so if you already know and trust
my old key, you can verify it with:

  gpg --check-sigs A8169ACF

I'm going to continue to be around Cambridge for the foreseeable
future, and I'm happy to verify the fingerprint of my new key in
person, but if you are satisfied that you've got the right key, and
the UIDs match what you expect, you're welcome to sign the key now:

  gpg --sign-key A8169ACF

Once you've signed the key, you can either send me an e-mail with the
signature encrypted to me in the body:

  gpg --armor --export A8169ACF | gpg --armor --recipient A8169ACF --encrypt

Or you can upload the signature to a public keyserver directly:

  gpg --keyserver pgp.subkeys.net --send-key A8169ACF

For those of you who are still using 1024-bit DSA keys, I'd encourage
you to generate new keys to harden yourselves against the eventual
breakage of SHA-1. You can find more detailed instructions at
<http://www.debian-administration.org/users/dkg/weblog/48>.

Please let me know if you run into any trouble.

Thanks,
 - Nelson
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkoSEkkACgkQWIPKT/BkgXJ42ACg2dwrMHJFVwKzvxHgbMW1Jhmf
SIwAoKW7ZDXIytTmWNOzGEbcMGXsIRYdiQIcBAEBCAAGBQJKEhJJAAoJEN/Bzw2o
FprPmREP/3JP2EUpp6EPcfCJXYckF7pIZ+/JCI9TnSp706cl2TIJ1i77zKCZ1e2A
FuHgHvSazcKrTaQHH9RQpQlu4mLuTZdTKwqSSutEZoctZtj5up2UkYwThMcAWv8j
qMH7U8ZJJAlzoPt6uboufPZw7YxM0rd+oyJernZvjAvnwqNyE3clYb4VmYPOzwy0
jkc/4uYg1Wul+h0LubMKy/oipu8uSM2IR/HeLz/kTTWCFSkWbP/HKYFrvdL1jzNz
AU4hD7TbGtsODq1m4nBFyW89Qjehzw9xIDyetXOkOc1PTfQd2jTEOAahZM6TjnnK
bb8PQTmuuCZSMTaTB2XKYxAXWgm58/M6zfZEBoMM2QGa53L8X5JEejoTp6Qi1gR3
kVn7ps6ipMjPSFBq+Bar05DPk3Xyq4NZEPjTnJbHu6azVjELWjAzXPz2nDqoaccw
UINvoFUS+QxtRw4hmyfJxQH+ZyYTLlI4hOLlE5Q/ZQD0rbcVeS4mb35R8zcWjtPV
jAQKQ0vDFuQMtYY8UwPHmRu9Rlw/L9AZ1v2GjOt05HUVigQacszmCckYLR9+/fuj
tfisc/iEDTrmkSPiHkpBvUxMb3p6RhAr9cft3kQBWQgUbEwn0QMqW1wDHgsxZUeK
v5LprNeHING9iL55p7Z4v4XpVKksB1dHbX6yfFjAjaCAOa1Cykfl
=eLOQ
-----END PGP SIGNATURE-----