When: Tue February 13, 2018 07:30 PM to 09:00 PM
Speaker: E. Frank Ball
Location: O'Reilly Media
It’s time for another GPG key signing. We had one in May 2003 & August 2014.
The point of this is to create a web of trust. By signing someone’s public key, you state that you have checked that the person that uses a certain keypair, is who he says he is and really is in control of the private key. This way a complete network of people who trust each other can be created. This network is called the strongly connected set. Information about it can be found at http://pgp.cs.uu.nl/
Before the meeting:
Generate a public/private keypair with the
gpg --gen-keycommand (accept the defaults), see
man gpgfor more info.
Upload your key to a keyserver:
gpg --send-keys --keyserver keyserver.ubuntu.com
Print out the key fingerprint with
gpg --fingerprintAlso include your full name, email address, and Key ID#. Bring this to the meeting, and optionally make extra copies to hand out.
Email me at email@example.com with the fingerprint, email address, full name, and Key ID. I’ll have a list of everyone’s info to hand out.
During the meeting:
Verify your GPG key fingerprint on the list I hand out and verify your identity (with photo ID).
After the meeting:
Download the all of the keys for the fingerprints verified at the meeting
Add them to your keyring
Upload your key again.