[ale] PGP / GPG Keysigning party... Upload your key now!

Michael H. Warfield mhw at WittsEnd.com
Sun Nov 20 09:31:17 EST 2011


On Sun, 2011-11-20 at 01:50 -0500, Ted W. wrote: 
> On Sat, Nov 19, 2011 at 8:03 PM, Michael H. Warfield <mhw at wittsend.com>wrote:
> 
> > On Sat, 2011-11-19 at 19:05 -0500, Scott Castaline wrote:
> > > Unfortunately I missed this month's meeting, so I do not have the
> > > details for the keysigning party. It was sort of up in the air before
> > > the last meeting, is it still going to be at the usual meeting
> > > place/time, or somewhere else and some other time?
> >
> > No, it won't be at the usual place.  Others are making arrangements and
> > I heard references to December 8.  Others will have to post the details.
> > I'm just dealing with the keyring and the some of the operational
> > issues.
> >
> > Mike
> >
> > > On 11/18/2011 01:23 AM, Michael H. Warfield wrote:
> > > > Everyone!
> > > >
> > > > As discussed at tonight's ALE Central Meeting and at the after meeting
> > > > meeting, we are working on a PGP keysigning party for December.
> > > >
> > > > Pursuant to that, I have set up a listing at BigLumber,
> > > > <http://biglumber.com>, a site dedicated to promoting PGP keysigning
> > > > parties.  Please feel free to register up there if you wish to host /
> > > > coordinate parties or if you wish to do individual key signings.
> > > > Registration is NOT required to merely participate in a keysigning
> > party
> > > > - registration is only required for organizers and listers.  The Forum
> > > > of Incident Response Securty Teams (FIRST - http://www.first.org) has
> > > > used this site for years coordinating our PGP keysigning events.
> > > >
> > > > In anticipation of the keysigning event, you should add your key to our
> > > > keyring here:
> > > >
> > > > http://biglumber.com/x/web?keyring=4254
> > > >
> > > > You will see a text listing of our complete keyring with the key ids,
> > > > the owner uids and the key fingerprints.
> > > >
> > > > Just paste your public key into the text window or browse to a file of
> > > > it and then hit "submit query" (yeah, I know it's kinda weird and
> > > > confusing and it confused me the first time too).  Your key will be
> > > > added and you will see a complete listing of the current keys on this
> > > > keyring (currently just my two) after you go back and hit "refresh".
> >  We
> > > > will print out copies of the keyring for the keysigning party and you
> > > > can then "check off" people you verify.
> > > >
> > > > When we have gone through the keysigning party itself, you can then
> > > > download the entire keyring from BigLumber, import it, and sign those
> > > > keys which you have personally verified.  DO NOT sign any keys on the
> > > > keyring you have not personally identified and verified at the party!
> > > > That's the very principle of the web of trust!  The keyring is public
> > > > and visible and anyone can add their key to it and can download the
> > > > entire keyring.
> > > >
> > > > After signing keys you've verified, you can send the signed keys to
> > > > their owners or update the public keyrings as you wish.  You can also
> > > > update the signatures at BigLumber by uploading the signed keys to the
> > > > keyring as well.
> > > >
> > > > Please use the final keyring after the party to actually do signatures
> > > > as people will be adding keys up to the last moment or you may miss
> > > > some.  By the same token, if people show up who have not uploaded their
> > > > keys by the time of the keysigning party, it is NOT TOO LATE but do NOT
> > > > be tardy after!
> > > >
> > > > Even if you are NOT SURE you will be able to attend, please upload your
> > > > keys anyways!  It doesn't hurt.  You won't be breaking any protocol.
> > > > You won't be subject to any SPAM.  If you think there is any remote
> > > > possibility you might be there and might like to pick up a FEW
> > > > signatures, upload your key ASAP so you won't forget!
> > > >
> > > > You will not HAVE TO use BigLumber.  There's always a few who forget
> > > > (please DON'T - it makes things go sooooo much faster and easier) or
> > who
> > > > just generated new keys.  Even if you have not uploaded your key to
> > > > BigLumber, you can still attend the party.  Please bring either
> > business
> > > > cards, or PGP cards, or even strips of paper with your key id and
> > > > fingerprint printed on it and we will make due.  I WILL have a stack of
> > > > my own, just in case.  BUT...  If you can, please use BigLumber and
> > help
> > > > us build the keyring as much in advance as you possibly can!
> > > >
> > > > To make this happen in December, we start now.  Let the uploads begin!
> > > >
> > > > Regards,
> > > > Mike
> > > >
> > > >
> > > > _______________________________________________
> > > > Ale mailing list
> > > > Ale at ale.org
> > > > http://mail.ale.org/mailman/listinfo/ale
> > > > See JOBS, ANNOUNCE and SCHOOLS lists at
> > > > http://mail.ale.org/mailman/listinfo
> > >
> > >
> >
> > --
> > Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
> >   /\/\|=mhw=|\/\/          | (678) 463-0932 |
> > http://www.wittsend.com/mhw/
> >   NIC whois: MHW9          | An optimist believes we live in the best of
> > all
> >  PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!
> >
> > _______________________________________________
> > Ale mailing list
> > Ale at ale.org
> > http://mail.ale.org/mailman/listinfo/ale
> > See JOBS, ANNOUNCE and SCHOOLS lists at
> > http://mail.ale.org/mailman/listinfo
> >
> >
> I would like to join in on this, I'm a little lost though. I've figured out
> how to generate a key for each of my email addresses but I'm not sure where
> to find the files I'm supposed to upload to biglumber. I thought it might
> have been ~/.gnupg but there were no ascii files in there that looked like
> keys. Can someone help me find the files I need? If it helps I'm running
> CentOS 5.6
> 
> -- 
> Ted W. < Ted at Techmachine.net >
> Registered GNU/Linux user #413569

What are in the .gnupg directory are your keyrings, pubring.gpg and
secring.gpg, along with some odd internal stuff like trustdb.gpg and
configuration stuff like gpg.conf.  Your public keys are contained in
pubring.gpg but, yeah you're right, they're in binary form and you need
to export the individual keys you want.  Your pubring.gpg could have
public keys from other people you've imported so you can validate
messages from them or encrypt messages to them, so you normally wouldn't
want to use your entire keyring.

If you know your key id(s) [one of mine is 674627ff]:

gpg -a --export [your key-id(s)] > [your key-id].asc

Then upload that.

If you don't know your key id you can do it this way:

gpg -a --export [your E-Mail address(es)] > [some file].asc

or find your key id with:

gpg --list-keys [your E-Mail address]

You can export multiple keys into one public keyfile and upload them all
in one whack, which is what I think a couple people already did.  We're
currently up to 10 keys between 7 people right now.  Three of us have 2
keys each.  You don't need one key per E-Mail address, the keys can have
multiple uids containing your E-Mail addresses, as mine do.  You have to
edit your key (gpg --edit-key) and add the uids.

If you want to see your key's fingerprint, you would do this:

gpg --fingerprint [your key-id or E-Mail address]

My fingerprint comes out like this:

[mhw at canyon ~]$ gpg --fingerprint 674627ff 
pub   2048R/674627FF 2009-06-30
      Key fingerprint = 560F 1046 F77D FEAA 605F  7940 C0EB 9675 6746 27FF
uid                  Michael H. Warfield <mhw at WittsEnd.com>
uid                  Michael H. Warfield <mhw at WittsEnd.atl.ga.us>
uid                  Michael H. Warfield <mhw at iss.net>
uid                  Michael H. Warfield <mhw at CommandCorp.com>
uid                  Michael H. Warfield <m.warfield at computer.org>
uid                  Michael H. Warfield <warfieldm at acm.org>
uid                  Michael H. Warfield <mhw at gacc.atl.ga.us>
uid                  Michael H. Warfield <mhw at samba.org>
uid                  Michael H. Warfield <mwarfiel at us.ibm.com>
uid                  Michael H. Warfield <mhwarfield at us.ibm.com>
uid                  Michael H. Warfield <mhw at austin.ibm.com>
uid                  Michael H. Warfield <mhw at linux.vnet.ibm.com>
uid                  Michael H. Warfield <mhw at linux.ibm.com>
uid                  Michael H. Warfield (AI4NB) <ai4nb at arrl.net>
uid                  Michael H. Warfield <mhw at callanwolde.org>
sub   2048R/FBEB5743 2009-06-30

What you're looking for is really the first two lines.  The following
lines are uids and the encryption subkey.  You could put the fingerpint
on your business card (maybe we need a standard for doing that with QR
codes?).


Regards,
Mike
-- 
Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 482 bytes
Desc: This is a digitally signed message part
Url : http://mail.ale.org/pipermail/ale/attachments/20111120/54a42215/attachment.bin 


More information about the Ale mailing list