[ale] PGP / GPG Keysigning party... Reminder and confirmation.

Michael H. Warfield mhw at WittsEnd.com
Wed Nov 23 14:08:53 EST 2011


Just a reminder that we're having a keysigning party in December.  I
would like some confirmation that we're doing this at ALE-NW on December
8th.  That's just a little over two weeks away.



I have set up a listing at BigLumber, <http://biglumber.com>, a site
dedicated to promoting PGP keysigning parties.  Please feel free to
register up there if you wish to host / coordinate parties or if you
wish to do individual key signings. Registration is NOT required to
merely participate in a keysigning party - registration is only required
for organizers and listers.  The Forum of Incident Response Securty
Teams (FIRST - http://www.first.org) has used this site for years
coordinating our PGP keysigning events.

In anticipation of the keysigning event, you should add your key to our
keyring here:

http://biglumber.com/x/web?keyring=4254

You will see a text listing of our complete keyring with the key ids,
the owner uids and the key fingerprints.

Just paste your public key into the text window or browse to a file of
it and then hit "submit query" (yeah, I know it's kinda weird and
confusing and it confused me the first time too).  Your key will be
added and you will see a complete listing of the current keys on this
keyring (currently just my two) after you go back and hit "refresh".  We
will print out copies of the keyring for the keysigning party and you
can then "check off" people you verify.  Bring one or more pieces of
photo id with you to the party, some people have indicated they might
want more that one although traditionally on piece piece of government
issued photo id has sufficed.

When we have gone through the keysigning party itself, you can then
download the entire keyring from BigLumber, import it, and sign those
keys which you have personally verified.  DO NOT sign any keys on the
keyring you have not personally identified and verified at the party!
That's the very principle of the web of trust!  The keyring is public
and visible and anyone can add their key to it and can download the
entire keyring.

After signing keys you've verified, you can send the signed keys to
their owners or update the public keyrings as you wish.  You can also
update the signatures at BigLumber by uploading the signed keys to the
keyring as well.

Please use the final keyring after the party to actually do signatures
as people will be adding keys up to the last moment or you may miss
some.  By the same token, if people show up who have not uploaded their
keys by the time of the keysigning party, it is NOT TOO LATE but do NOT
be tardy after!

Even if you are NOT SURE you will be able to attend, please upload your
keys anyways!  It doesn't hurt.  You won't be breaking any protocol. You
won't be subject to any SPAM.  If you think there is any remote
possibility you might be there and might like to pick up a FEW
signatures, upload your key ASAP so you won't forget!

You will not HAVE TO use BigLumber.  There's always a few who forget
(please DON'T - it makes things go sooooo much faster and easier) or who
just generated new keys.  Even if you have not uploaded your key to
BigLumber, you can still attend the party.  Please bring either business
cards, or PGP cards, or even strips of paper with your key id and
fingerprint printed on it and we will make due.  I WILL have a stack of
my own, just in case.  BUT...  If you can, please use BigLumber and help
us build the keyring as much in advance as you possibly can!

To make this happen in December, we start now.  Let the uploads begin! 

Regards,
Mike
-- 
Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 482 bytes
Desc: This is a digitally signed message part
Url : http://mail.ale.org/pipermail/ale/attachments/20111123/f87d6590/attachment.bin 


More information about the Ale mailing list