[NBLUG/Announce] GPG Key Signing Party!
augie
schwer at sonic.net
Fri Apr 25 23:57:01 PDT 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
<http://nblug.org/augie/gpg/gpg-announce.html>
WHAT: GnuPG Key Signing Party.
WHERE: O'Reilly and Associates, Sebastopol
http://nblug.org/directions.cgi
http://ora.com/oreilly/seb_directions.html
WHEN: After the general meeting.
WHY: A key signing party properly facilitates the signing of your
GnuPG public key by other GnuPG users. Having your public key signed
increases the "web of trust" for everyone, and brings more validity to
your key, as it represents your identity.
What to bring?
1. Your self (physical attendance is mandatory)
2. Picture ID
3. Your Key ID, Key type, HEX fingerprint, and Key size
(probably just make a print out from your keyring...unless
you've got all this memorized ;) )
4. Something to write with
5. NO computer!
How does it work?
1. Before the party generate a key pair, and either upload your
public key to a public key server such as www.keyserver.net, or be
prepared to tell people from where they can access your public key on
the internet.
2. Email your public key to the coordinator: augie at nblug.org
3. The coordinator prints a list with everyone's key ID, key type,
fingerprint, and key size from the compiled keys and distributes
copies of the printout at the meeting.
4. Bring along a paper copy of your key ID, key type, fingerprint,
and key size that you obtained from your own keyring. Also bring a
photo ID.
5. You will be making two marks on the listing, one for correct key
information (key ID, key type, fingerprint, and key size) and one if
the ID check is ok.
6. Now mingle. The point is to meet as many people, and get as many
signatures as you can.
7. When you meet someone read your key ID, key type, fingerprint,
key size, and user ID from your own printout, not from the
distributed listing. This is because there could be an error,
intended or not, on the listing. This is also the time to confirm ID
information. If the key information matches your printout then place
a check-mark by the key on your own distributed list, and if the ID
appears to be valid place another check-mark on your own distributed
list.
8. That's it! When you get home, take a look at your list, any keys
on your list with TWO check-marks are valid keys, and you may
download that key from the keyserver or from another location that
the key owner has specified. Sign that key and upload it back to the
server you got it from, or email it back to its owner.
Links:
http://www.nblug.org/augie/gpg - shameless self promotion
http://www.mandrakesecure.net/en/docs/gpg.php - good brief
introduction into GnuPG
http://www.gnupg.org/gph/en/manual.html - more indepth information
- --
irc.nblug.org #nblug
registered linux user #229905
gpg public key: http://www.sonic.net/schwer/schwer.asc
Key fingerprint = 9815 AE19 AFD1 1FE7 5DEE 2AC3 CB99 2784 27B0 C072
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQE+qiyRy5knhCewwHIRAsEXAJ0RA5Aqua5WtzwjIpILrN50kwnenACdFMHV
8ju4+ObHklrwDNGvlnpVIh0=
=FKvA
-----END PGP SIGNATURE-----
More information about the announce
mailing list