+
+\H{pgpkeys-rollover} Key rollover
+
+Our current keys were generated in September 2015, except for the
+Secure Contact Key which was generated in February 2016 (we didn't
+think of it until later).
+
+Prior to that, we had a much older set of keys generated in 2000. For
+each of the key types above (other than the Secure Contact Key), we
+provided both an RSA key \e{and} a DSA key (because at the time we
+generated them, RSA was not in practice available to everyone, due to
+export restrictions).
+
+The new Master Key is signed with both of the old ones, to show that
+it really is owned by the same people and not substituted by an
+attacker. Also, we have retrospectively signed the old Release Keys
+with the new Master Key, in case you're trying to verify the
+signatures on a release prior to the rollover and can find a chain of
+trust to those keys from any of the people who have signed our new
+Master Key.
+
+Future releases will be signed with the up-to-date keys shown above.
+Releases prior to the rollover are signed with the old Release Keys.
+
+For completeness, those old keys are given here:
+
+\dt \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/keys/master-rsa.asc}{\s{Master Key} (original RSA)}
+
+\dd RSA, 1024-bit. Key ID: \cw{1024R/1E34AC41} (long version:
+\cw{1024R/9D5877BF1E34AC41}). Fingerprint:
+\cw{8F\_15\_97\_DA\_25\_30\_AB\_0D\_\_88\_D1\_92\_54\_11\_CF\_0C\_4C}
+
+\dt \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/keys/master-dsa.asc}{\s{Master Key} (original DSA)}
+
+\dd DSA, 1024-bit. Key ID: \cw{1024D/6A93B34E} (long version:
+\cw{1024D/4F5E6DF56A93B34E}). Fingerprint:
+\cw{313C\_3E76\_4B74\_C2C5\_F2AE\_\_83A8\_4F5E\_6DF5\_6A93\_B34E}
+
+\dt \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/keys/release-rsa.asc}{\s{Release Key} (original RSA)}
+
+\dd RSA, 1024-bit. Key ID: \cw{1024R/B41CAE29} (long version:
+\cw{1024R/EF39CCC0B41CAE29}). Fingerprint:
+\cw{AE\_65\_D3\_F7\_85\_D3\_18\_E0\_\_3B\_0C\_9B\_02\_FF\_3A\_81\_FE}
+
+\dt \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/keys/release-dsa.asc}{\s{Release Key} (original DSA)}
+
+\dd DSA, 1024-bit. Key ID: \cw{1024D/08B0A90B} (long version:
+\cw{1024D/FECD6F3F08B0A90B}). Fingerprint:
+\cw{00B1\_1009\_38E6\_9800\_6518\_\_F0AB\_FECD\_6F3F\_08B0\_A90B}
+
+\dt \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/keys/snapshot-rsa.asc}{\s{Snapshot Key} (original RSA)}
+
+\dd RSA, 1024-bit. Key ID: \cw{1024R/32B903A9} (long version:
+\cw{1024R/FAAED21532B903A9}). Fingerprint:
+\cw{86\_8B\_1F\_79\_9C\_F4\_7F\_BD\_\_8B\_1B\_D7\_8E\_C6\_4E\_4C\_03}
+
+\dt \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/keys/snapshot-dsa.asc}{\s{Snapshot Key} (original DSA)}
+
+\dd DSA, 1024-bit. Key ID: \cw{1024D/7D3E4A00} (long version:
+\cw{1024D/165E56F77D3E4A00}). Fingerprint:
+\cw{63DD\_8EF8\_32F5\_D777\_9FF0\_\_2947\_165E\_56F7\_7D3E\_4A00}