From Fedora Project Wiki

Revision as of 17:37, 29 November 2012 by Sparks (talk | contribs) (→‎Uploading your key to a keyserver: Updated the server address.)

Signing up

Please sign up below and make sure your key is available on the public keyserver network or make a note here with the url if it is not.

Things to bring to the event:

  1. Yourself
  2. At least one government issued photo ID
  3. Your key's fingerprint
  4. A pen/pencil or whatever you'd like to write with....
  5. NO computer (or at least leave it in your bag or something, you don't need to actually sign the keys right then)

Why shouldn't I bring a computer?

There are a variety of reasons, why you don't want to do this. The short answer is it would be insecure, unsafe, and of no benefit. For those not convinced, here are some reasons why it is insecure, unsafe, and of no benefit.

  • If people are carrying their secret keys with them and intend to do the signing at the actual meeting by typing their passphrase into a computer, then they are open to key-logging attacks, shoulder-surfing, etc.
  • Someone might spill $beverage on it.
  • Someone might drop it or knock it off the table.
  • Etc

Keysigning Procedure

  1. Generate a key/Remember your pass phrase
  2. All attendees send their public keys to a public keyserver. For this party, we'll use keys.bz or keys.christensenplace.us. If for some reason you don't want your key to be in a public keyserver, but still want to participate, please let me know.
  3. All attendees posts their fingerprint to this wiki page (see below). The event coordinator will compile everyone's key information.
  4. The host prints a list with everyone's fingerprint from the compiled keyrings and distributes copies of the printout at the meeting.
  5. Attend the party. Bring along a paper copy of your fingerprint that you obtained from your own keyring. You must also bring along a suitable photo ID. Instruct the attendees at the beginning that they are to make two marks on the listing, one for correct key information and one if the ID check is ok.
  6. At the meeting the host will distribute the key forms and a hash of that form (also available from this wiki page). The host will read the hash key out so that everyone can verify they have the same file. Everyone will verify that their fingerprint is correct on the form. Once everyone has verified these two pieces of information we will start with the identifications.
  7. After everyone has read his key ID information, have all attendees form a line.
  8. The first person walks down the line having every person check his ID.
  9. The second person follows immediately behind the first person and so on.
  10. If you are satisfied that the person is who they say they are, and that the key on the printout is theirs, you place another check-mark next to their key on your printout.
  11. Once the first person cycles back around to the front of the line he has checked all the other IDs and his ID has been checked by all others.
  12. After everybody has identified himself or herself the formal part of the meeting is over. You are free to leave or to stay and discuss matters of PGP and privacy (or anything else) with fellow PGP users. If everyone is punctual the formal part of the evening should take less than an hour.
  13. After confirming that the key information on the key server matches the printout that you have checked, sign the appropriate keys. Keys can only be signed if they have two check-marks.
  14. Send the signed keys back to the keyservers.
  15. Use those keys as often as possible.

Acceptable Identification

We are not providing specific guidelines on what IDs are acceptable, or how many are required, however, it is generally expected that each participant will be able to provide some sort of government issued photo identification, such as driver's license, passport, etc., matching the name on their key. It is up to the other participants whether or not they will accept your identification.

Uploading your key to a keyserver

To upload your key, do gpg --keyserver pool.sks-keyservers.net --send-keys 0xYOURKEYID

CAcert Assurance

There will also be a CAcert Assurance event.

Key List

Name FAS Username Key ID Fingerprint
Eric Christensen Sparks 0x024BB3D1 097C 82C3 52DF C64A 50C2 E3A3 8076 ABDE 024B B3D1
Name FAS Username Key ID Fingerprint

Back to FUDCon:Lawrence_2013.