Boston Linux Meeting Wednesday, September 20, 2006 Keysigning - please sign up

[bill at horne.net (Bill Horne)]

On Thu, 2006-09-14 at 19:49 -0400, Jerry Feldman wrote:
> When: September 20, 2006 7:00PM (6:30 for Q&A)
> Topic: PGP/GnuPG Keysigning Party 
> 	please register your key in advance to participate! 
> Moderator: V. Alex Brennen
>  Location:  MIT Building E51 Room 335 (Note new room)
>
>     A talk about PGP and GnuPG, followed by a keysigning party.
> Register your key in advance to participate! Registration URL below;
> http://blu.org/keysignings/keypartyregister.php
> http://blu.org/keysignings/
>
>     A key signing party is a get-together of people who use the PGP
> encryption system with the purpose of allowing those people to sign
> each others keys. Key signing parties serve to extend the web of trust
> to a great degree. Key signing parties also serve as great
> opportunities to discuss the political and social issues surrounding
> strong cryptography, individual liberties, individual sovereignty, and
> even implementing encryption technologies or perhaps future work on
> free encryption software.
>
>     The purpose of the meeting is to authenticate each other, i.e.
> verify everybody's key ids and key fingerprints. Participants sign each
> others' keys offline.
>
>     In order to complete the keysigning in the allotted time, we follow
> a formal procedure as seen in V. Alex Brennen's "GnuPG Keysigning Party
> HOWTO", attached below. It is strongly advised that if you have not
> been to a keysigning party before, you read this document. Please refer
> to the main BLU site (http://www.blu.org) for more details, directions
> and parking. (Note that the building has a parking lot in front of it
> on Amherst St.). 
>   

I've been asked to help with the keysiging party, so I'm going to ask 
the BLU membership
to do things a little bit differently than what we did in the past.

Here's the plan I propose: comments are, of course, welcome.

1. All participants should look at the current list of keys, which is at
http://blu.org/keysignings/keypartyregister.php , and verify that their 
key fingerprint is correct.

2. I will print the list from the website, add sequence numbers, and 
have copies made by a
notary this afternoon, which I will distribute at the meeting. 
Participants may, if they so choose,
verify that their copy contains the same key fingerprint(s) as the 
original. Any keys added
later today will be verified by announcement, as in years past.

3. Each participant will be given a 3x5 index card and a string to use 
as a lanyard, and
will write their sequence number on the card. In addition, they will add 
a statement
saying "My key fingerprint is correct", and sign the card. See
http://people.debian.org/~anibal/ksp-dc5/dscn4862_001.sized.jpg and
http://people.debian.org/~anibal/ksp-dc5/dscn4863_001.sized.jpg for 
examples.

4. Each participant will assemble in two rows (as previously discussed 
here), with
their 3.5 cards displayed, and with their identity document(s). We'll 
circle the line
until everyone has verified everyone else.

5. After they go home, each participant may sign the id's he/she 
considers valid, and
send a copy of the signature to the owner of that key. It will be up to 
the key owner to
decide if he/she wants to publish the signed key on a public keyserver.

I hope this procedure is acceptable to all: please feedback any 
suggestions or concerns
to me or the list as you choose.

Bill Horne


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.