[NBLUG/Announce] GPG Key Signing Party!
schwer at sonic.net
Sat Mar 1 11:52:00 PST 2003
-----BEGIN PGP SIGNED MESSAGE-----
WHAT: GnuPG Key Signing Party.
WHERE: O'Reilly and Associates, Sebastopol
WHEN: After the general meeting.
WHY: A key signing party properly facilitates the signing of your
GnuPG public key by other GnuPG users. Having your public key signed
increases the "web of trust" for everyone, and brings more validity to
your key, as it represents your identity.
What to bring?
1. Your self (physical attendance is mandatory)
2. Picture ID
3. Your Key ID, Key type, HEX fingerprint, and Key size
(probably just make a print out from your keyring...unless
you've got all this memorized ;) )
4. Something to write with
5. NO computer!
How does it work?
1. Before the party generate a key pair, and either upload your
public key to a public key server such as www.keyserver.net, or be
prepared to tell people from where they can access your public key on
2. Email your public key to the coordinator: augie at nblug.org
3. The coordinator prints a list with everyone's key ID, key type,
fingerprint, and key size from the compiled keys and distributes
copies of the printout at the meeting.
4. Bring along a paper copy of your key ID, key type, fingerprint,
and key size that you obtained from your own keyring. Also bring a
5. You will be making two marks on the listing, one for correct key
information (key ID, key type, fingerprint, and key size) and one if
the ID check is ok.
6. Now mingle. The point is to meet as many people, and get as many
signatures as you can.
7. When you meet someone read your key ID, key type, fingerprint,
key size, and user ID from your own printout, not from the distributed
listing. This is because there could be an error, intended or not, on
the listing. This is also the time to confirm ID information. If the
key information matches your printout then place a check-mark by the
key on your own distributed list, and if the ID appears to be valid
place another check-mark on your own distributed list.
8. That's it! When you get home, take a look at your list, any keys
on your list with TWO check-marks are valid keys, and you may download
that key from the keyserver or from another location that the key
owner has specified. Sign that key and upload it back to the server
you got it from, or email it back to its owner.
http://www.nblug.org/augie/gpg - shameless self promotion
http://www.mandrakesecure.net/en/docs/gpg.php - good brief
introduction into GnuPG
http://www.gnupg.org/gph/en/manual.html - more indepth information
registered linux user #229905
gpg public key: http://www.sonic.net/schwer/schwer.asc
Key fingerprint = 9815 AE19 AFD1 1FE7 5DEE 2AC3 CB99 2784 27B0 C072
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
-----END PGP SIGNATURE-----
More information about the announce