Complete.Org: Mailing Lists: Archives: discussion: November 2002:
[aclug-L] Re: GnuPG / Keysigning
Home

[aclug-L] Re: GnuPG / Keysigning

[Top] [All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
To: discussion@xxxxxxxxx
Subject: [aclug-L] Re: GnuPG / Keysigning
From: John Goerzen <jgoerzen@xxxxxxxxxxxx>
Date: Wed, 13 Nov 2002 12:47:51 -0600
Reply-to: discussion@xxxxxxxxx

On Wed, Nov 13, 2002 at 12:21:56PM -0600, flimzy@xxxxxxxxxx wrote:

> We did a meeting about PGP/GnuPG quite some time ago.  It went well,
> although the keysigning wasn't great.  If we could find a more convenient
> way of handling keysignings than with floppy disks, that would be nice.

Yes, it's quite possible to do that.  I'd plan to have a "centralized" party
along the lines described at
http://www.cryptnet.net/fdp/crypto/gpg-party.html

Basically, what happens is this:

1. Before the party, everyone generates their keys and uploads them to a
server we designate.  They then inform the coordinator of their key and
their intention to be present at the party.

2. At the party, the coordinator brings a list of everyone's name, e-mail,
and key fingerprints.  Enough copies for everyone to take one.

3. Each participant in turn recites his key fingerprint and people place one
check mark next to each such recited key.

4. Each participant shows his/her photo ID to everyone, and people place a
second checkmark next to each verified key.

5. After the party, each participant goes home.  For each key with two
checkmarks, the participant will download, sign, and re-upload the key from
the keyserver.  Finally, the pariticpant will download a copy of his/her own
key, now complete with fresh signatures.

> It's been long enough, that I think it would be appropriate to re-visit
> the topic.  Are you volunteering to present John? :)

Yes :-)

-- John
-- This is the discussion@xxxxxxxxx list.  To unsubscribe,
visit http://www.complete.org/cgi-bin/listargate-aclug.cgi


[Prev in Thread] Current Thread [Next in Thread]