Re: kernel.org keysigning party for the Boston area: October 18, 2011

["Ted Ts'o" <tytso@mit.edu>]

On Thu, Oct 13, 2011 at 11:31:54AM -0400, Theodore Ts'o wrote:
> 
> I will be holding a key signing party in Cambridge on Tuesday, October
> 18, from 4-5pm for folks in the Boston greater metropolitan area.
> 
> Anyone who is interested should send me their key-id by Tuesday noon
> US/Eastern, and I will give those folks the details about where we will
> be holding the key signing party.   Please put "BOSTON KEY SIGNING" in
> the subject line.
> 
> Please feel free to forward this to any fellow kernel devs who might not
> be reading LKML.
> 

Reminder, please send me your key-id today, or Tuesday at the latest,
if you would like to participate in the Boston area Key Signing.

>     	    	  	   	   	   - Ted

> 
> 
> What's a key-signing party?
> 
> A key-signing party is a get-together with PGP users for the purpose of
> meeting other PGP users and signing each other's keys. This helps to
> extend the "web of trust" to a great degree. Also, it sometimes serves
> as a forum to discuss strong cryptography and related issues.
> 
> What do I need for this party?
> 
> Required Items
> Physical attendance
> Positive picture ID
> Your Key ID, Key type, HEX fingerprint, and Key size
> A pen/pencil or whatever you'd like to write with....
> NO computer
> 
> Required Process
> 
> 1.  All attendees send their public keys to a public keyserver. For this
> party, we'll use keyserver.cryptnet.net. If for some reason you don't
> want your key to be in a public keyserver, but still want to
> participate, please let me know.
> 
> 2.  All attendees send their key ID, key type, fingerprint, and key size to
> the host, tytso@mit.edu, who will compile everyone's key information.
> 
> 3.  The host prints a list with everyone's key ID, key type,
> fingerprint, and key size from the compiled keyrings and distributes
> copies of the printout at the meeting.
> 
> 4.  Attend the party. Bring along a paper copy of your key ID, key type,
> fingerprint, and key size that you obtained from your own keyring. You
> must also bring along a suitable photo ID. Instruct the attendees at the
> beginning that they are to make two marks on the listing, one for
> correct key information (key ID, key type, fingerprint, and key size)
> and one if the ID check is ok.
> 
> 5. At the meeting each key owner reads his key ID, key type,
> fingerprint, key size, and user ID from his own printout, not from the
> distributed listing. This is because there could be an error, intended
> or not, on the listing. This is also the time to tell which ID's to sign
> or not. If the key information matches your printout then place a
> check-mark by the key.
> 
> 6. After everyone has read his key ID information, have all attendees
> form a line.
> 
> 7. The first person walks down the line having every person check his
> ID.   The second person follows immediately behind the first person and
> so on.
> 
> 8.  If you are satisfied that the person is who they say they are, and
> that the key on the printout is theirs, you place another check-mark
> next to their key on your printout.
> 
> 9.  Once the first person cycles back around to the front of the line he
> has checked all the other IDs and his ID has been checked by all others.
> 
> 10. After confirming that the key information on the key server matches
> the printout that you have checked, sign the appropriate keys. Keys
> should only be signed if they have two check-marks.  If you are using
> Debian or Ubuntu, the "caff" (certifying authority fire and forget)
> script can be found in the "signing-party" package along with other
> useful scripts, which makes it much easier to sign the keys.  For
> Fedora, the "caff" script can be found in the "pgp-tools" package.
> 
> 11.  Send the signed keys back to the keyservers, or to owners of the
> key.
> 
> Other questions about signing keys?
> 
> You may want to read the Keysigning Party Howto which includes an
> explanation of the concepts behind keysigning, instructions for hosting
> a keysigning party, instructions for participating in a keysinging
> party, and step by step instructions for signing other's keys.
> 
> --
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/