I’ve uploaded a new GPG key to various keyservers, fetch it manually or on the command line:
$ gpg --recv-keys 0xF75964F29DC6C210
Before creating the key, I took inspiration from Ubuntu and Christopher Wellons, arriving at this for my gpg.conf:
cert-digest-algo SHA512 default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 BZIP2 ZLIB ZIP Uncompressed personal-cipher-preferences AES256 AES192 AES personal-digest-preferences SHA512 SHA384 SHA256 SHA224 s2k-cipher-algo AES256 s2k-digest-algo SHA512 s2k-mode 3 s2k-count 65011712
The first half is in order to use the SHA-2 and AES instead of SHA-1 and CAST5, while the s2k settings are there to make brute force as expensive as possible in the event that my private key should be compromised.
I’m starting from scratch with my web of trust, so if you want to play key signing, let me know.