Pretty Good Privacy

When replacing one uncompromised key with a newer (typically longer) one, using a transition period when both keys are trustworthy and participate in the web of trust uses trust transitivity to use links to the old key to trust signatures and links created by the new key. During a transition, both keys are trustworthy but you only use the newer one to sign documents and certify links in the web of trust.

gpg --expert --full-gen-key
  (9) ECC and ECC
  (1) Curve 25519
 
$PGP_NEWKEY_ID=<ID of new key>
$PGP_OLDKEY_ID=<ID of old key>
 
# sign new key with old key
gpg --default-key $OLDKEY --sign-key $NEWKEY
# sign old key with new key
gpg --default-key $NEWKEY --sign-key $OLDKEY 
 
# export in ASCII armored format
gpg --armor --output $NEWKEY.key --export-secret-key $NEWKEY
gpg --armor --output $NEWKEY.pub --export $NEWKEY

see also:

• https://github.com/open-keychain/open-keychain/wiki/QR-Codes

see also:

• https://security.stackexchange.com/questions/406/how-should-i-distribute-my-public-key
• http://www.bauser.com/websnob/keydist
• Securing Email Communications from Facebook

Set in Enigmail: Settings → Keyservers, enter comma separated list, e.g.:
vks://keys.openpgp.org, hkps://keys.mailvelope.com

# don't use "vks://" or "hkp://" infront of the domain name!
gpg --keyserver keys.example.com --send-keys <key1> <key2>

• GPG Howto (Ubuntu Community)
• PGP and you (thoughtbot blog)
• OpenPGP for complete beginners
• 15 reasons not to start using PGP (secushare)