[NBLUG/Announce] GPG Key Signing Party!

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 <http://nblug.org/augie/gpg/gpg-announce.html> WHAT: GnuPG Key Signing Party. WHERE: O'Reilly and Associates, Sebastopol http://nblug.org/location.shtml http://ora.com/oreilly/seb_directions.html WHEN: After the general meeting. WHY: A key signing party properly facilitates the signing of your GnuPG public key by other GnuPG users. Having your public key signed increases the "web of trust" for everyone, and brings more validity to your key, as it represents your identity. What to bring? 1. Your self (physical attendance is mandatory) 2. Picture ID 3. Your Key ID, Key type, HEX fingerprint, and Key size (probably just make a print out from your keyring...unless you've got all this memorized ;) ) 4. Something to write with 5. NO computer! How does it work? 1. Before the party generate a key pair, and either upload your public key to a public key server such as www.keyserver.net, or be prepared to tell people from where they can access your public key on the internet. 2. Email your public key to the coordinator: augie(a)nblug.org 3. The coordinator prints a list with everyone's key ID, key type, fingerprint, and key size from the compiled keys and distributes copies of the printout at the meeting. 4. Bring along a paper copy of your key ID, key type, fingerprint, and key size that you obtained from your own keyring. Also bring a photo ID. 5. You will be making two marks on the listing, one for correct key information (key ID, key type, fingerprint, and key size) and one if the ID check is ok. 6. Now mingle. The point is to meet as many people, and get as many signatures as you can. 7. When you meet someone read your key ID, key type, fingerprint, key size, and user ID from your own printout, not from the distributed listing. This is because there could be an error, intended or not, on the listing. This is also the time to confirm ID information. If the key information matches your printout then place a check-mark by the key on your own distributed list, and if the ID appears to be valid place another check-mark on your own distributed list. 8. That's it! When you get home, take a look at your list, any keys on your list with TWO check-marks are valid keys, and you may download that key from the keyserver or from another location that the key owner has specified. Sign that key and upload it back to the server you got it from, or email it back to its owner. Links: http://www.nblug.org/augie/gpg - shameless self promotion http://www.mandrakesecure.net/en/docs/gpg.php - good brief introduction into GnuPG http://www.gnupg.org/gph/en/manual.html - more in depth information augie.