New GPG key

I’ve uploaded a new GPG key to various keyservers, fetch it manually or on the command line:

$ gpg --recv-keys 0xF75964F29DC6C210

Before creating the key, I took inspiration from Ubuntu and Christopher Wellons, arriving at this for my gpg.conf:

cert-digest-algo SHA512
default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 BZIP2 ZLIB ZIP Uncompressed
personal-cipher-preferences AES256 AES192 AES
personal-digest-preferences SHA512 SHA384 SHA256 SHA224
s2k-cipher-algo AES256
s2k-digest-algo SHA512
s2k-mode 3
s2k-count 65011712

The first half is in order to use the SHA-2 and AES instead of SHA-1 and CAST5, while the s2k settings are there to make brute force as expensive as possible in the event that my private key should be compromised.

I’m starting from scratch with my web of trust, so if you want to play key signing, let me know.

Advertisements