[ale] PGP / GPG Keysigning party... Reminder and confirmation.

David Tomaschik david at systemoverlord.com
Mon Nov 28 01:24:18 EST 2011


On 11/23/2011 02:08 PM, Michael H. Warfield wrote:
> Just a reminder that we're having a keysigning party in December.  I
> would like some confirmation that we're doing this at ALE-NW on December
> 8th.  That's just a little over two weeks away.
> 
> 
> 
> I have set up a listing at BigLumber, <http://biglumber.com>, a site
> dedicated to promoting PGP keysigning parties.  Please feel free to
> register up there if you wish to host / coordinate parties or if you
> wish to do individual key signings. Registration is NOT required to
> merely participate in a keysigning party - registration is only required
> for organizers and listers.  The Forum of Incident Response Securty
> Teams (FIRST - http://www.first.org) has used this site for years
> coordinating our PGP keysigning events.
> 
> In anticipation of the keysigning event, you should add your key to our
> keyring here:
> 
> http://biglumber.com/x/web?keyring=4254
> 
> You will see a text listing of our complete keyring with the key ids,
> the owner uids and the key fingerprints.
> 
> Just paste your public key into the text window or browse to a file of
> it and then hit "submit query" (yeah, I know it's kinda weird and
> confusing and it confused me the first time too).  Your key will be
> added and you will see a complete listing of the current keys on this
> keyring (currently just my two) after you go back and hit "refresh".  We
> will print out copies of the keyring for the keysigning party and you
> can then "check off" people you verify.  Bring one or more pieces of
> photo id with you to the party, some people have indicated they might
> want more that one although traditionally on piece piece of government
> issued photo id has sufficed.
> 
> When we have gone through the keysigning party itself, you can then
> download the entire keyring from BigLumber, import it, and sign those
> keys which you have personally verified.  DO NOT sign any keys on the
> keyring you have not personally identified and verified at the party!
> That's the very principle of the web of trust!  The keyring is public
> and visible and anyone can add their key to it and can download the
> entire keyring.
> 
> After signing keys you've verified, you can send the signed keys to
> their owners or update the public keyrings as you wish.  You can also
> update the signatures at BigLumber by uploading the signed keys to the
> keyring as well.
> 
> Please use the final keyring after the party to actually do signatures
> as people will be adding keys up to the last moment or you may miss
> some.  By the same token, if people show up who have not uploaded their
> keys by the time of the keysigning party, it is NOT TOO LATE but do NOT
> be tardy after!
> 
> Even if you are NOT SURE you will be able to attend, please upload your
> keys anyways!  It doesn't hurt.  You won't be breaking any protocol. You
> won't be subject to any SPAM.  If you think there is any remote
> possibility you might be there and might like to pick up a FEW
> signatures, upload your key ASAP so you won't forget!
> 
> You will not HAVE TO use BigLumber.  There's always a few who forget
> (please DON'T - it makes things go sooooo much faster and easier) or who
> just generated new keys.  Even if you have not uploaded your key to
> BigLumber, you can still attend the party.  Please bring either business
> cards, or PGP cards, or even strips of paper with your key id and
> fingerprint printed on it and we will make due.  I WILL have a stack of
> my own, just in case.  BUT...  If you can, please use BigLumber and help
> us build the keyring as much in advance as you possibly can!
> 
> To make this happen in December, we start now.  Let the uploads begin! 
> 
> Regards,
> Mike

Seeing as how I haven't seen anyone else respond....

I don't know that anyone said the 8th was definitely a go for the
keysigning.  We do have the space at SPSU reserved, and if those
participating in the keysigning are willing to do it there, that seems
like a great time to me.

David

-- 
David Tomaschik, RHCE, LPIC-1
System Administrator/Open Source Advocate
OpenPGP: 0x5DEA789B
http://systemoverlord.com
david at systemoverlord.com


More information about the Ale mailing list