GPG Key Transition

For multiple very good reasons brought to my attention by the awesome Riseup.net folks at this past Chaos Communication Camp, I've recently set up a new OpenPGP key and am actively transitioning away from my old one. Some of these reasons include upgrading to a stronger (4096 RSA) key and removing the use of MD5 and SHA-1 for signatures and digests. You can read more at Riseup's OpenPGP Best Practices page and Debian Administration's HOWTO prep for migration off of SHA-1 in OpenPGP. The old key will continue to be valid for some time, but I prefer all future correspondence to come to the new one. I would also like this new key to be re-integrated into the web of trust. Please find here a statement signed by both keys, certifying the transition.

The old key was:

pub 1024D/9C1BDFB4 2009-04-24 [expires: 2014-04-23]
Key fingerprint = B79F 897E 2937 E3F5 7085 C38B 26DE 9F34 9C1B DFB4

And the new key is:

pub 4096R/36377134 2011-08-14 [expires: 2016-08-12]
Key fingerprint = 631E FC06 42A8 D5D2 2C52 FBA0 E62E 990F 3637 7134

You can fetch the full key from a public key server (keys.mayfirst.org, keys.indymedia.org, keys.gnupg.net, or subkeys.pgp.net):

gpg --keyserver keys.mayfirst.org --recv-key 36377134

If you already know my old key, you can now verify that the new key is signed by the old one:

gpg --check-sigs 36377134

If you don't already know my old key, or you just want to be double extra paranoid, you can check the fingerprint against the one above:

gpg --fingerprint 36377134

If you are satisfied that you've got the right key, and the UIDs match what you expect, I'd appreciate it if you would sign my key. You can do that by issuing the following command:

gpg --sign-key 36377134

I'd like to receive your signatures on my key. You can send me an e-mail with the new signatures:

gpg --export 36377134 | gpg --encrypt -r 36377134 --armor | mail -s 'OpenPGP Signatures' dan.meredith@aljazeera.net
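
The commands above select the key by its 8-character short ID, which is not unique, so the fingerprint comparison is the step that actually ties the fetched key to this statement. The following script is an added example, not part of the original post: it compares the full fingerprint in gpg's machine-readable listing with the one published above. The function names and both sample listings are constructed for illustration.

```shell
#!/bin/sh
# Added example: compare a key's full fingerprint with the one published above.
EXPECTED_FPR='631E FC06 42A8 D5D2 2C52 FBA0 E62E 990F 3637 7134'  # from this page

# Strip whitespace and upper-case, so pasted and machine-readable forms compare equal.
normalize_fpr() {
    printf '%s' "$1" | tr -d ' \t\n' | tr 'a-f' 'A-F'
}

# Read `gpg --with-colons --fingerprint` output on stdin; print the primary key's
# fingerprint (field 10 of the first "fpr" record following a "pub" record).
primary_fpr() {
    awk -F: '$1 == "pub" { seen = 1; next }
             seen && $1 == "fpr" { print $10; exit }'
}

# Succeed only when the listing on stdin carries exactly the expected fingerprint.
fpr_matches() {
    want=$(normalize_fpr "$1")
    got=$(normalize_fpr "$(primary_fpr)")
    [ -n "$got" ] && [ "$got" = "$want" ]
}

# Constructed sample listings (not real gpg output). Both end in short ID 36377134.
GOOD_LISTING='pub:-:4096:1:E62E990F36377134:::::::scESC:
fpr:::::::::631EFC0642A8D5D22C52FBA0E62E990F36377134:
uid:-::::::::Constructed Example <user@example.org>:'
LOOKALIKE_LISTING='pub:-:4096:1:AAAABBBB36377134:::::::scESC:
fpr:::::::::000011112222333344445555AAAABBBB36377134:
uid:-::::::::Constructed Example <user@example.org>:'

report() {  # $1 = label, $2 = listing text
    if printf '%s\n' "$2" | fpr_matches "$EXPECTED_FPR"; then
        echo "$1: fingerprint matches"
    else
        echo "$1: MISMATCH, do not sign"
    fi
}
report good "$GOOD_LISTING"
report lookalike "$LOOKALIKE_LISTING"

# Against a real keyring, gate the signing step on the check:
#   gpg --with-colons --fingerprint 36377134 | fpr_matches "$EXPECTED_FPR" \
#       && gpg --sign-key 36377134
```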

Additionally, I highly recommend that you implement a mechanism to keep your key material up to date so that you obtain the latest revocations and other updates in a timely manner. On a system with cron, you should add something similar to the following to your personal crontab:

0 12 * * * /usr/bin/gpg --refresh-keys > /dev/null 2>&1

Please let me know if you have any questions or problems, and my apologies for the inconvenience.