-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512,SHA1

I am transitioning GPG keys from an old 1024-bit DSA key to a new
4096-bit RSA key.  The old key will continue to be valid for some time,
but I prefer all new correspondance to be encrypted in the new key, and
will be making all signatures going forward with the new key.

This transition document is signed with both keys to validate the
transition.

If you have signed my old key, I would appreciate signatures on my new
key as well, provided that your signing policy permits that without
reauthenticating me.

The old key, which I am transitional away from, is:

  pub   1024D/CB467E27 2000-04-23 Cosimo Alfarano <kalfa@debian.org>
    Key fingerprint = 0DBD 8FCC 4F6B 8D41 8F43  63A1 E43B 153C CB46 7E27

The new key, to which I am transitioning, is:

  pub   4096R/D6A6121C 2010-11-06 Cosimo Alfarano <cosimo@alfarano.net>
    Key fingerprint = E9EE 805F 8037 CCBE 1911  4BC2 8E16 B90A D6A6 121C

To fetch the full new key from a public key server using GnuPG, run:

  gpg --keyserver keys.gnupg.net --recv-key 8E16B90AD6A6121C

If you have already validated my old key, you can then validate that the
new key is signed by my old key:

  gpg --check-sigs 8E16B90AD6A6121C

If you then want to sign my new key, a simple and safe way to do that is
by using caff (shipped in Debian as part of the "signing-party" package)
as follows:

  caff 8E16B90AD6A6121C


Please contact me via e-mail at <cosimo@alfarano.net> if you have any
questions about this document or this transition.

                                                      Cosimo Alfarano
                                                      cosimo@alfarano.net
                                                      30-11-2010

PS: thanks to Zack from who I clearly copied the whole message.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQIcBAEBCgAGBQJM9ONxAAoJEI4WuQrWphIcZwEP/0IVR9nJeV6j740opomphPfr
5nt+w65qCx2oyYbJPOD6WQaUWq3eGARjIaARfKXlkQhtU0ICoTQXGFqegaM/J0gT
sXSYL8gzKt/U9OHshq9TlGiBU1JEJQW3tmRFqQA5yRWUkhmk/8iXXdJaD//0kdsY
ULyLxWod840RZrMvi+kU+DD4xhb1wa7lcN+9NJkH8lqYqLBUB41rTahpN1PMkRer
gfKEV+Om9B8f3KTvQGZdOFUXEBP1EIgu7c1s1En3Cygif1dA6/w/mPrlJ7yjT0Ep
Qt1lz3SN6fi+bc9Gu0LdUN8LpgupMXg3sEborNeuZOff0WCG1GgZg71Zm9BKtI53
YeP02EEPpPEC3XDVNZD8GTcKSNsVrpYnbEqLrk0iqb/1E7wZXYBtiht+RfgaKvGF
mhzx3aXLxctQLxSfoy5Qv5Ot3X82UW7KxG2mShfrE8eT6g0CqBKrZmeGSItfxoRC
VQfpK88wueftEVoVn7vQcjH7Qut96AFSupERFjKyWOp9hDYnTQQ2Lkb+po5mkEpP
1IFkfpIlApqS6LQnqbjvQ7TOrA4ZYfxThbuM7AmkrQxqIKWTU3QEMChsEbaJdlN/
3EbPeafkIOfovzN29mMVl8yfui8lzVGhXj4j7OsQ6okhFvyb6BcUc2J+BpgE/H88
4iEIipZDzSbu/vFhXo59iEYEARECAAYFAkz043EACgkQ5DsVPMtGficS9wCdHHaq
lmaULnM3ESDNgu6jzZ3Ifk4An3pb1FpSqa0UG1AHauUQHiq78fCp
=fKGr
-----END PGP SIGNATURE-----