[ale] PGP / GPG Keysigning party... Upload your key now!

Ted W. ted at techmachine.net
Sun Nov 20 01:50:11 EST 2011


On Sat, Nov 19, 2011 at 8:03 PM, Michael H. Warfield <mhw at wittsend.com>wrote:

> On Sat, 2011-11-19 at 19:05 -0500, Scott Castaline wrote:
> > Unfortunately I missed this month's meeting, so I do not have the
> > details for the keysigning party. It was sort of up in the air before
> > the last meeting, is it still going to be at the usual meeting
> > place/time, or somewhere else and some other time?
>
> No, it won't be at the usual place.  Others are making arrangements and
> I heard references to December 8.  Others will have to post the details.
> I'm just dealing with the keyring and the some of the operational
> issues.
>
> Mike
>
> > On 11/18/2011 01:23 AM, Michael H. Warfield wrote:
> > > Everyone!
> > >
> > > As discussed at tonight's ALE Central Meeting and at the after meeting
> > > meeting, we are working on a PGP keysigning party for December.
> > >
> > > Pursuant to that, I have set up a listing at BigLumber,
> > > <http://biglumber.com>, a site dedicated to promoting PGP keysigning
> > > parties.  Please feel free to register up there if you wish to host /
> > > coordinate parties or if you wish to do individual key signings.
> > > Registration is NOT required to merely participate in a keysigning
> party
> > > - registration is only required for organizers and listers.  The Forum
> > > of Incident Response Securty Teams (FIRST - http://www.first.org) has
> > > used this site for years coordinating our PGP keysigning events.
> > >
> > > In anticipation of the keysigning event, you should add your key to our
> > > keyring here:
> > >
> > > http://biglumber.com/x/web?keyring=4254
> > >
> > > You will see a text listing of our complete keyring with the key ids,
> > > the owner uids and the key fingerprints.
> > >
> > > Just paste your public key into the text window or browse to a file of
> > > it and then hit "submit query" (yeah, I know it's kinda weird and
> > > confusing and it confused me the first time too).  Your key will be
> > > added and you will see a complete listing of the current keys on this
> > > keyring (currently just my two) after you go back and hit "refresh".
>  We
> > > will print out copies of the keyring for the keysigning party and you
> > > can then "check off" people you verify.
> > >
> > > When we have gone through the keysigning party itself, you can then
> > > download the entire keyring from BigLumber, import it, and sign those
> > > keys which you have personally verified.  DO NOT sign any keys on the
> > > keyring you have not personally identified and verified at the party!
> > > That's the very principle of the web of trust!  The keyring is public
> > > and visible and anyone can add their key to it and can download the
> > > entire keyring.
> > >
> > > After signing keys you've verified, you can send the signed keys to
> > > their owners or update the public keyrings as you wish.  You can also
> > > update the signatures at BigLumber by uploading the signed keys to the
> > > keyring as well.
> > >
> > > Please use the final keyring after the party to actually do signatures
> > > as people will be adding keys up to the last moment or you may miss
> > > some.  By the same token, if people show up who have not uploaded their
> > > keys by the time of the keysigning party, it is NOT TOO LATE but do NOT
> > > be tardy after!
> > >
> > > Even if you are NOT SURE you will be able to attend, please upload your
> > > keys anyways!  It doesn't hurt.  You won't be breaking any protocol.
> > > You won't be subject to any SPAM.  If you think there is any remote
> > > possibility you might be there and might like to pick up a FEW
> > > signatures, upload your key ASAP so you won't forget!
> > >
> > > You will not HAVE TO use BigLumber.  There's always a few who forget
> > > (please DON'T - it makes things go sooooo much faster and easier) or
> who
> > > just generated new keys.  Even if you have not uploaded your key to
> > > BigLumber, you can still attend the party.  Please bring either
> business
> > > cards, or PGP cards, or even strips of paper with your key id and
> > > fingerprint printed on it and we will make due.  I WILL have a stack of
> > > my own, just in case.  BUT...  If you can, please use BigLumber and
> help
> > > us build the keyring as much in advance as you possibly can!
> > >
> > > To make this happen in December, we start now.  Let the uploads begin!
> > >
> > > Regards,
> > > Mike
> > >
> > >
> > > _______________________________________________
> > > Ale mailing list
> > > Ale at ale.org
> > > http://mail.ale.org/mailman/listinfo/ale
> > > See JOBS, ANNOUNCE and SCHOOLS lists at
> > > http://mail.ale.org/mailman/listinfo
> >
> >
>
> --
> Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
>   /\/\|=mhw=|\/\/          | (678) 463-0932 |
> http://www.wittsend.com/mhw/
>   NIC whois: MHW9          | An optimist believes we live in the best of
> all
>  PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
>
I would like to join in on this, I'm a little lost though. I've figured out
how to generate a key for each of my email addresses but I'm not sure where
to find the files I'm supposed to upload to biglumber. I thought it might
have been ~/.gnupg but there were no ascii files in there that looked like
keys. Can someone help me find the files I need? If it helps I'm running
CentOS 5.6

-- 
Ted W. < Ted at Techmachine.net >
Registered GNU/Linux user #413569
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.ale.org/pipermail/ale/attachments/20111120/b9353cd8/attachment-0001.html 


More information about the Ale mailing list