A signed, plain text version of this post is available.

My OpenPGP key expires tomorrow, and despite being able to use the key, I can’t renew it. My everyday encryption, signing, and authentication subkeys are here with me, but my certification key, which is needed to renew those subkeys, is kept elsewhere. Due to the pandemic, it would be extremely difficult for me to access it.

I don’t plan to do a key transition unless a very compelling reason comes up, because OpenPGP makes those extremely unpleasant. Instead, I will be continuing to use the expired key for signing things like git commits. Once I regain access to the certification key, I can retroactively renew the key and make all those signatures valid. It should be possible, in the meantime, to validate that my signatures are good except for the key being expired. If I decide to do a key transition later for some reason, it will be signed with the then-expired signing subkey I currently have access to.

Not many people communicate with me using OpenPGP encryption, so I don’t expect that to be much of an issue. If you want to communicate securely with me, my XMPP address is REDACTED — I can now use OpenPGP again, and would prefer not to be contacted on XMPP by strangers.