-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 New CERT.at and GovCERT.gv.at PGP keys ====================================== Our "old" (2014 vintage) keys are expiring, therefore we have created new ones. Some background on our keys: we have master signing keys, which are kept strictly offline and only exist to sign the other keys. We also have team keys, which are used for general communications with the whole team. Both keys are recreated. In addition, there are individual personal PGP keys which are also signed by our master keys. You can find all the keys in our keyring at https://cert.at/static/pgpkeys.asc . This transition document is signed by both the old and new CERT.at signing keys, and the new GovCERT.gv.at signing key (because the old one has already expired). If checking trust paths, you should therefore start with the "old" CERT.at signing key. For CERT.at =========== Signing/master key - ------------ Old: pub rsa4096 2014-03-19 [SC] [expires: 2024-08-26] FB598F2F6B680211F85D2A0C998C1CC6C2E0E6A7 uid CERT.at master key sub rsa4096 2014-03-19 [E] [expires: 2024-08-26] (Expiry extended from 2019 to 2024 to ease transition) New: pub rsa4096 2019-02-25 [SC] [expires: 2034-02-21] 85550D8D5236BBF16A490DEBD57E00EA00709A3D uid CERT.at master key sub rsa4096 2019-02-25 [E] [expires: 2034-02-21] Team key - -------- Old: pub rsa4096 2014-03-19 [SC] [expires: 2019-03-18] AD3520E52CE88BA250B285078D2F23E111334B61 uid CERT.at (General Communications) uid CERT.at (Incidents) sub rsa4096 2014-03-19 [E] [expires: 2019-03-18] New: pub rsa4096 2019-02-25 [SC] [expires: 2024-02-24] 0381BEF56694B5325BF04DDCA1DAC3EDFF4DFFB7 uid CERT.at (Incidents) uid CERT.at (General Communications) sub rsa4096 2019-02-25 [E] [expires: 2024-02-24] For GovCERT.gv.at ================= Signing/master key - ------------------ Old: pub rsa4096 2011-02-23 [SC] [expired: 2016-02-22] B79EBB3252BC1859660BF390F0B3399C2925E79B uid GovCERT.gv.at master key (signing only key) New: pub rsa4096 2019-02-25 [SC] [expires: 2034-02-21] B9AA8215E37F19F40C128D4913F59859835FB520 uid GovCERT Austria master key sub rsa4096 2019-02-25 [E] [expires: 2034-02-21] Team key - -------- Old: pub rsa4096 2014-03-19 [SC] [expires: 2019-03-18] 9F9596C85FE84EB68130DDBB7B22517412B5F638 uid GovCERT Austria (General Communications) uid GovCERT Austria (Incidents) sub rsa4096 2014-03-19 [E] [expires: 2019-03-18] New: pub rsa4096 2019-02-25 [SC] [expires: 2024-02-24] 5B941FC42C56084F8D69324D712728E78C5A903E uid GovCERT Austria (Incidents) uid GovCERT Austria (General Communications) sub rsa4096 2019-02-25 [E] [expires: 2024-02-24] To fetch the full key, you can get it with: wget -q -O- https://www.cert.at/static/pgpkeys.asc | gpg --import - Or, to fetch our new keys from a public key server, you can simply do: gpg --keyserver keys.gnupg.net --recv-key 5B941FC42C56084F8D69324D712728E78C5A903E B9AA8215E37F19F40C128D4913F59859835FB520 0381BEF56694B5325BF04DDCA1DAC3EDFF4DFFB7 85550D8D5236BBF16A490DEBD57E00EA00709A3D If you already know our old keys, you can now verify that the new keys are signed by the old one: gpg --check-sigs 5B941FC42C56084F8D69324D712728E78C5A903E gpg --check-sigs B9AA8215E37F19F40C128D4913F59859835FB520 gpg --check-sigs 0381BEF56694B5325BF04DDCA1DAC3EDFF4DFFB7 gpg --check-sigs 85550D8D5236BBF16A490DEBD57E00EA00709A3D If you don't already know our old keys, or you just want to be double extra careful, you can check the fingerprint against the one above: gpg --fingerprint 5B941FC42C56084F8D69324D712728E78C5A903E gpg --fingerprint B9AA8215E37F19F40C128D4913F59859835FB520 gpg --fingerprint 0381BEF56694B5325BF04DDCA1DAC3EDFF4DFFB7 gpg --fingerprint 85550D8D5236BBF16A490DEBD57E00EA00709A3D Please let us know if there is any trouble. Regards, CERT.at & GovCERT.gv.at -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (GNU/Linux) iQIcBAEBCAAGBQJch7W2AAoJENV+AOoAcJo9Tt4P/2Wyt42wLXT5ncOWHkRMF3Ba fV+h5Q7WNxcgdVXsT6OhONrUeoBKe6U/zOEP/3EdXZ/hg5CaYydFdw4YLYeYNHoZ qcMUei870/deApXDlQsKKfYzEYFLQZpw+YQK80gyZxjxaXxGRNA3DwWUxf0lkdy3 eGPD/OiEcpDGZa9qFrvBXHe3WjGu6FwYLxacJJyL9WGIUkSWNBt0MxDephLqX0Rc TQIwLi41NJ/WK2XaJXGluCfYl5IAlqU5z87A3jmmyTYOQDOVU4maijuMuK3l+Luc m9MEjO6M5Q6tV4bwDhbKJf519PQltacx5TkXXsvIKMVHsDrh0wQBvLBJ1qf2gWOb uv4IOJApEB5k4Tmd4INdwUYPZY4zS2AHzf+jf9MUkQcb92khFe+CBtlf4OcbkKsG Cn35DZZ+2pPZOinkSBBlXaofFz20NeuMvtp5q+5ihFUAZjLmldKiKbE0zUVQ1xJL j+GeOWyn7wIefYvF+3vIwAblfq9ZbHfuuPwUYJb1aRSoLuvWeKFeILkfy4Cp2uN3 3EpjxmsIgR64qD9SmaCyHiNGClEJPr/oRGNP6y5vTl2l2Zb2jp9oaHamuyJ8GVzy dF4ZJoxOzhMigvnAm2DV2J4ei/36ocpaqCY+hUy3nksn6GtFZFURqhQNI6fxO15l YKAODYBOIT7JwvN9/5D2iQIcBAEBCAAGBQJch7W2AAoJEJmMHMbC4OanTt4P/1AI 9NqQJpaA9cWEAMiT8JHIxV9KUgJ9T1iaMfp8sWI7udnwqKOYQTJPxqjYjIXy4i5I FoyIXUSk1GDszq+zspTB6pwGmzaGvl9YWuZKXms9Ml6OyxevIeErDYvttZ84HkTx PSxid9DGnYDtRCO+G/chbYQHO69q2DJEqTqpHPkJs/1RC8bRH+Jqc5azAf+vVTC8 0AL9QKg7yA7e3HzjA8/0itKRbH3BTLlBr1kgX6mHKpRa4ICp5+gMqPqQlKWHzfUR gH2xdb/Rq4Bmg53FVlOH0LOSzJSXgL3iQGYDNT/c0B/H6pajXbyqrDnsVvEX3+6f +FjgetBFFhd1FU7vc2/P2LIW9dNolGCVnwAv6J/LNEU8gxAQmu+jZAEbWVvoZ8pw ouBHGikOHO2UZfALvp8gTc5SKQhALM1BL5piL5hUSuv57hE+7cvDLS5jeSwLphpB W7dezM2qyjmCjPLagA0UJsAAXaKh6NoRIxHfWXecWHbaiMNLq0paX6UCHZfIKict pkti+G3Hy5t4M4BVD5R+NwvI7bFyzps/Z2alm/gJvHmcLIG107113mT4sIm7zzr4 YcrZ+ZWDyhHzTOy1tfXSf5cepFC9gmShWt1XpHoRAFTAvIUMH7xTB6LZ46zxEzmV Jb2p3eOqP2y6Gqp3+yVWSavgBTpMO+/Bb5ot+MabiQIcBAEBCAAGBQJch7W2AAoJ EBP1mFmDX7UgTt4QAJpS5XeZqCtTK+Bt2Y+ita1fO01hRavR2V4crnfO5P1IxusT s9rmSbbS/JPn7agPOurqOB/ICB/jfyHdDAWJQhIjNH17PH4U5KZRtyxCJ+dl4+7S wiuEZdj2Pd6UM95MdqgiQhhIZZkujMshVlTC0Opd7ENMGS3Aj2IMMobqVseaWYqc WzAQvgZCb4yUYrGJLm7qdXxoFFU+29oF599Rt1xEtIXqDPceltqGTcF4/40KnW6I hBSqf6gHH6H6qmk3ErpPIHZxj7QBkvODXyilVF1TPgIkwcgpJ/K93h8NjGuszlID S6sSWkGyjX2LxjklnTyvlK+8XaqzWlPFL2dQ89H+ZzkWvdhlXlAHKD3GdYtCKSEL oIOXKBeU9LtnfyLPgDAyhTIN6bjZ5Zs0JCk6n8QpDv9U7/joo7BVhHmc2PjmJzFL 9HYfInad/Dhc9h7FKPMDyXJNkdoJ2s9JzEdpWePHClvm7ClC3TP89z0fn180ih7P jocF5NU/h8U87MTyUnoe0LUGL4WvzVw49qzGlCYL50tUZ3mI1JOyCPDNvXmfQ5gs b9UFYFQz3N96yVUtLZLyrzHixUyUGu90puY/jyPoyGVSyYZwkjJ4iZOMm0zdIV4B P2nxeeeZor4pui+VrdZf57GIXHfWHXta1+Ussa1QwWKeON7VThPJWV9Iz8Cq =8DWQ -----END PGP SIGNATURE-----