diff --git a/SECURITY.md b/SECURITY.md
index 16c75b58a9..1bf88fbd95 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -12,6 +12,30 @@ following email address:
 All logback project artifacts published on Maven central are signed. For each
 artifact, there is an associated signature file with the .asc suffix.
 
+The cryptographic key was updated 2022-08-08 to use a more modern
+Elliptic curve algorithm instead of RSA previously.
+
+### After 2022-08-08
+
+To verify the signature use [this public key](https://www.slf4j.org/public-keys/ceki-public-key.pgp). Here is its fingerprint:
+```
+pub   nistp521 2022-08-08 [SC]
+      60200AC4AE761F1614D6C46766D68DAA073BE985
+uid   Ceki Gulcu <ceki@qos.ch>
+sub   nistp521 2022-08-08 [E]
+```
+
+A copy of this key is stored on the
+[keys.openpgp.org](https://keys.openpgp.org) keyserver. To add it to
+your public key ring use the following command:
+
+```
+> FINGER_PRINT=60200AC4AE761F1614D6C46766D68DAA073BE985
+> gpg  --keyserver hkps://keys.openpgp.org --recv-keys $FINGER_PRINT
+```
+
+### Before 2022-08-08
+
 To verify the signature use [this public key](https://www.slf4j.org/public-keys/ceki-public-key.pgp). Here is its fingerprint:
 ```
 pub   2048R/A511E325 2012-04-26