If you have an old/insecure GPG/PGP key and want to upgrade, this blog post is for you. Such a key would be one using less than 2048 bits or using DSA encryption.
I decided that I need to change something about my GPG setup. I was still using a 1024bit DSA key from 2010 which means: Even if I create new and stronger subkeys, my signatures would forever be weak.
Since upgrading my old primary key was a non-trivial task, I'm writing this blog post for future reference by me or you.
First off: You cannot really upgrade a GPG primary key. You...