Boston Linux & UNIX was originally founded in 1994 as part of The Boston Computer Society. We meet on the third Wednesday of each month at the Massachusetts Institute of Technology, in Building E51.

Our Next PGP/GnuPG Keysigning Party

Our next Keysigning Party is scheduled for Wednesday, September 19, 2018 at Location to be determined.

Where

Location to be determined, .

When

Wednesday, September 19, 2018 from 18:30 to 21:30

How to Participate

  1. Create a PGP or GnuPG key, if you don't already have one;
  2. Post your public key to pgp.mit.edu.
  3. Add your key ID to the signup list for the upcoming BLU Keysigning. The BLU server will use yur key ID to retrieve your public key from the keyserver.
  4. Show up at the meeting with proper identification, to verify other participants' identities and to allow them to verify yours.
  5. After the meeting, sign the keys of participants who have proven their identity to your satisfaction.

There are tools such as "caff", described further down, to simplify the process of signing many keys as much as possible. If you'd rather do the process manually, without such a tool, here are the steps, using GnuPG to sign a key with ID D5C7B5D9:

  1. Retreive their public key from the keyserver:
    • gpg --keyserver pgp.mit.edu --recv-keys D5C7B5D9
  2. Sign their public key:
    • gpg --sign-key D5C7B5D9
  3. Export the signed public key to an ASCII-armored text file:
    • gpg --export -a -o D5C7B5D9-exported.asc D5C7B5D9
  4. Sign and encrypt the exported file so that only the key owner can read it:
    • gpg -sear D5C7B5D9 -o D5C7B5D9-signed.asc D5C7B5D9-exported.asc
  5. Email the signed file (D5C7B5D9-signed.asc) to the key owner.

Our next PGP/GnuPG Keysigning Party will be held on Wednesday, September 19, 2018. A key signing party is a get-together of people who use the PGP encryption system with the purpose of allowing those people to sign each others keys. Key signing parties serve to extend the web of trust to a great degree. Key signing parties also serve as great opportunities to discuss the political and social issues surrounding strong cryptography, individual liberties, individual sovereignty, and even implementing encryption technologies or perhaps future work on free encryption software.

The purpose of the meeting is to authenticate each other, i.e. verify everybody's key ids and key fingerprints. Participants sign each others' keys offline.

In order to complete the keysigning in the allotted time, we follow a formal procedure as seen in V. Alex Brennen's "GnuPG Keysigning Party HOWTO". It is strongly advised that if you have not been to a keysigning party before, you read this document.

It is essential that, before the meeting, you register on the signup form listed in the attachments. You should bring at least one picture ID with you. You must also bring your own printout of the report on that page, so you can check off the names/keys of the people you have personally verified.

Participants currently signed up:

SeqKey IDOwnerFingerprintSizeType
1 920063C6 John Abreau (Personal GMail 2013) 5122 C05A 61A2 FDE1 BDE1 8AD7 55B5 F869 9200 63C6 4096 RSA
2 5640D33F John Abreau (Personal email) 87B1 6003 9962 0824 0406 8B93 B184 3040 5640 D33F 4096 RSA
3 7493DAEC James R. Doyle F0B5 2E03 C020 DFE5 BA3D 7491 FB35 AF4D 7493 DAEC 2048 RSA


Script to sign keys

In order to minimize the chore of signing many keys, you can use a tool to simply the process as much as possible. The recommended tool for signing keys post-keysigning party is "caff", which can be installed on debian, Ubuntu, Fedora, CentOS, or Red Hat systems via one of

For Red hat and CentOS systems, the pgp-tools package is in the optional EPEL repo.


Previous Keysigning Parties

  1. September 20, 2017 :: Crypto News Review, Historical Vignette, and GPG/PGP Key-Signing
  2. September 21, 2016 :: Transposition Cyphers in Historic Context, and PGP/GnuPG Keysigning Party XVI
  3. September 16, 2015 :: Jeff Schiller and PGP/GnuPG Keysigning Party XV
  4. September 17, 2014 :: Crypto News, TOR, and our PGP/GnuPG Keysigning Party XIV
  5. September 18, 2013 :: PGP/GnuPG Keysigning Party XIV
  6. September 19, 2012 :: PGP/GnuPG Keysigning Party XIII
  7. September 21, 2011 :: PGP/GnuPG Keysigning Party XII
  8. September 15, 2010 :: PGP/GnuPG Keysigning Party XI, plus a talk by V. Alex Brennan
  9. September 16, 2009 :: PGP/GnuPG Keysigning Party X
  10. September 17, 2008 :: PGP/GnuPG Keysigning Party IX
  11. September 19, 2007 :: PGP/GnuPG Keysigning Party VIII
  12. September 20, 2006 :: PGP/GnuPG Keysigning Party VII
  13. August 17, 2005 :: PGP/GnuPG Keysigning Party VI
  14. September 15, 2004 :: PGP/GnuPG Keysigning Party V
  15. September 17, 2003 :: PGP/GnuPG Keysigning Party IV
  16. January 15, 2003 :: PGP/GnuPG Keysigning Party III
  17. December 19, 2001 :: PGP/GnuPG Keysigning Party II
  18. September 18, 1996 :: PGP and Electronic Privacy

BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org