Short:
I had to rotate my OpenPGP-keys. The current key is now

63F831BAAAFEA6B63D9514E441D8FF5258F8FB4A

Get it from the usual keyservers.

Long:

I am switching from GnuPG to sequoia-pgp and at the same time I had two expired subkeys. A ``sq key rotate`` did not produce the results I intended (new subkeys) and adding two new subkey did not seem to be importable to thhunderbird. The easy way out was to generate a completely new key — also as a test to see if this one could be imported into thunderbird (it could and I simply made it my main key).

``sq`` has a very easily usable CLI and absolutely helpful ``--help``. Plus, it does not have https://gpg.fail sitting on its back. The switch is not going without a hitch because I now have to move my private MUA to something that is working with sequoia and notmuch.

I absolutely love that ``sq`` is giving you hints on further switches that could improve the output. It seems that you are never been left helplessly stranded.

So, kudos and thanks
@sequoiapgp
I think I'll give it a try for a while.

Plus, did you know that the IMPACT CA that "my" students built a year ago is using the sequoia library?

Not only students grow at this university. Its "applied", keep that in mind.

Put them in last week.

Nice, short read on vulnerabilities in two password managers. (Others seemingly have not been addressed.) Weaknesses like "missing authentication" might raise some hairs.

https://arstechnica.com/security/2026/02/password-managers-promise-that-they-cant-see-your-vaults-isnt-always-true/

Short commercial for the standard Unix password-manager https://www.passwordstore.org/ here. Main advantage in this context is that the actual software is simply combining trusted and tested tools and concepts: pgp, files, git, ssh, pinentry, various tools to further use pass in different applicatios , and not trying to "re-invent". That also has the advantage of the passwordsbeing accessible if the password-store software becomes unusable.

Furthermore it is easier to estimate the achieved level of security, e.g. https://gpg.fail/ (Prectical hint, sequoia-chameleon promises to provide a stand-in replacement for gnupg.)

Category Theory is cool and if only because you can abbreviate it as "Cat Theory".

Started re-reading "Category Theory for the Sciences" by David Spivak with a friend. Read the foreword for the first time and immediately got this nice quote from it:

“when we formalize our ideas, our understanding is clarified. [...]
And if we are ever to get to the point
that we can input our ideas into computers,
we will need to formalize these ideas first.”

Very much what I experienced dabbling in Haskell-Code and the reason why that felt very much elevating.

If you know him on mastodon, please drop me a pointer. (Best in the way of "Hi, I'm David, glad you like my books", because I own two of them and cherish them both. (Just found a missing closing-bracket in section reference. I'd like to improve the second edition, but that is such an unimportant mistake. I both hope and not hope to find some mistake important enough to write an email.)) )

[Here I added an extra bracket for you to take, should you become aware of this text.]