Well its almost time for me to create a new PGP key. My current key for tyler at tylerburton dot ca is set to expire at the end of the year and I am trying to determine what the best way to migrate to a new key is. Some people suggest simply adding a new encryption sub key and then changing the original signing key’s expiry date so that individuals wishing to verify your signatures can continue to do so uninterrupted. Unfortunately my current key is an ElGamal/DSS based one and, after the recent increased attacks on SHA1, I would really prefer to move to an RSA based key.
Alas I think I’m going to have to just create a new key and sign it with the current one. If anyone has any better alternatives please let me know!