-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1,SHA256

Sat, 17 Jul 2010 05:01:34 -0400

I have recently created a new stronger 4096 bit key [290DB9CE] using
SHA-256 to replace my older 1024 bit key [CC453197].

The old key will continue to be valid for some time, but i prefer all
future correspondence to come to the new one. I would also like this
new key to be re-integrated into the web of trust. This message is
signed by both keys to certify the transition.

The old key was:

pub   1024D/CC453197 2006-08-06
      Key fingerprint = 2B98 FD5F 51A3 53E7 A921  9855 3C41 5250 CC45 3197

And the new key is:

pub   4096R/290DB9CE 2010-07-17
      Key fingerprint = 0C19 C882 237D 25D4 3B8A  41BE 7037 3CF1 290D B9CE

To fetch my new key from a public key server, you can simply do:

  gpg --keyserver pgp.mit.edu --recv-key 290DB9CE

If you already know my old key, you can now verify that the new key is
signed by the old one:

  gpg --check-sigs 290DB9CE

If you don't already know my old key, or you just want to be double
extra paranoid, you can check the fingerprint against the one above:

  gpg --fingerprint 290DB9CE

If you are satisfied that you've got the right key, and the UIDs match
what you expect, I'd appreciate it if you would sign and send my key.
The easiest and most convenient way to do this is to use the caff
script, which can be found at http://pgp-tools.alioth.debian.org/ or
in the signing-party package in Debian and Ubuntu.

  caff 290DB9CE

Or you could sign and send me an e-mail with the new signatures (if
you have a functional MTA on your system) as follows:

  gpg --sign-key 290DB9CE
  gpg --armor --export 290DB9CE | mail -s 'OpenPGP Signatures' varun@debian.org

Please let me know if there is any trouble, and sorry for the
inconvenience.

Regards,
Varun Hiremath
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFMQXHiPEFSUMxFMZcRAtY8AJ9yzDvMuVTNfTzm7wtk2K9POqX70ACdF8Df
mZ4mEro5v2I8Hac9L8rBO2uJAhUDBQFMQXHicDc88SkNuc4BCHqlEACkY+4Hou2w
eAULzMBuaHLxpKWq0ZJ3ovwzsLr/TR2l5zKLFJQbBIL46/cv9gz4MYMnv6mYz/bT
WHNjlmh21ZL22X08BMPZO4E6wHMWUnOvHeJke/I6Ws/MCN/sC+yylL/gmJIFFIFT
rV8EDphQFWPTVnIAErYmFKot0dHVLgsvsKTk9O5sQlxyNzgWTbm7h8ZjwgVKbvaA
E2QThPHILoaGkUoa16g/UpNCurTkrCPmpl+f4pRdnWmQbMnVi1M+l0Tn+ZkFnvN6
AJbsZJfTAWF6XZlx5XEgksRV5vYtJdvzTVIbyZm763VKaQHWHrOKsDw1QgaruWYt
JTN0i5O8o+U3r/7DleoubvjWtynI5rmyKqFyEayqs0jbGSY3mYgjyuBBuvBCvlVz
4eCd5LumF7TKq26NzJVIvBcPW7TOR9szwX2dVV+UefrHgm23q8vPPGVpVyGsPTbH
7bebziuPPSpBX/q1CiULqQmiw7AbQLF4Yx/uVdgOb9p2r/GebN4rXpqgge8pzPbX
vn6HnG2wDVmc+0wdYqGJeudDu8wmBgTrAeqsz7VU3YXdHkNfBjnQK5wNssq789Gx
UcWIBTHqXji4E2w4KA2EUjdbqcPjfUMuDJ1gr7io7JOVZGQ3EDh/AwjuNQoMDQdd
ozGQV+FROqvBEkSLV7audKdsX8gRrj06tg==
=mo8T
-----END PGP SIGNATURE-----