My vendors pgp suddenly changed

as title states my vendors pgp suddenly changed, im cautious as is, but i wanted them to prove they are the same so i asked if they can decrypt message using old key.

Am i overeacting?


Comments


[29 Points] cheapcab:

Nope, you are not over reacting. They should have signed the new key with the old one. If they didn't or won't decrypt with the the old key then never deal with them again.


[11 Points] DooshNozzzle:

Any time a vendor changes their PGP key without an announcement where they sign the new one with the old one (check the fingerprint make sure it matches), this is suspicious

I would insist that they decrypt something using their old key before you engage in business with them.


[5 Points] q123rumble:

always double check everything. there is never anything wrong with being safe rather than sorry.


[3 Points] subutextual:

Post the vendor please.


[4 Points] scruffwuff:

Vendor name?


[-1 Points] Jayden710:

Sure?