When migrating away from my old GPG key for my email in December 2014, I decided to document the whole process.
The old key was NOT compromised, the reason for the change was technical in nature. The old key wasn't compatible with my new Yubikey NEO Smartcard.
My old GPG key 001C1D67 was a DSA/ElGamal key which was already quite old and wasn't fitting the Smartcard I own now.
My new GPG key 86875CD9 is a signature-only 4096 bit RSA key which uses three 2048 bit RSA subkeys which are placed on my smartcard.
After rebuilding my web-of-trust I revoked my old key 001C1D67.
I also wrote a key transition statement and signed it with my old GPG key 001C1D67 and my new GPG key 86875CD9.
|Old GnuPG key (revoked):|
|Primary Email||Henning Rogge <firstname.lastname@example.org>|
|Fingerprint||F1B9 714F 1CD7 D995 A18B F050 71E9 EF73 001C 1D67|
|New GnuPG key:|
|Primary Email||Henning Rogge <email@example.com>|
|Fingerprint||7A2F ACFF 0E1B 01EE ACB1 C0A5 A5AD 77E6 8687 5CD9|