Mac Crypto 98 PGP Keysigning Party

When: Thursday Oct 8

Where: TBD (if you're at the last session you will know where to go)

Who: Those who send in their keys by 12:00 thurs, Oct 8

Folks who want to participate in the keysigning must email their keys to me (randall@apple.com). I will put together a keyring (probably PGP 5/6.x fmt) and print out all the key ids & fingerprints. If people would like a PGP 2.x format keyring I can make one as well, but it won't have the DSS keys in it.

During the keysigning each person on the keyring will stand and read his/her key fingerprint out loud.

If you recognise the person, and the key id & fingerprints match, you should have enough info to sign their key. Folks should have ID that you can check as well.

The keyring with new signatures.

Agenda

• I distribute a paper list with each person's userID, key ID/size, fingerprint.
  
• each person brings their own key fingerprint.
  
• for each person on the list:
  • that person stands
  • other folks get to vouch for the standing person
  • that person reads out loud their key id/size/fingerprint from their own copy
  • people follow along on the paper list. (calling out if there is an error)
  • people make a private decision wether or not to sign the key.
    
• people go "home" , download the keyring, reverify the fingerprints, sign the keys they wish to sign and send the signed keys back to me.
  
• I put the modified keyring up on this site & also send the keys to the keyserver.

Notes:

• When people vouch for a person, it is important to note if the relationship is in a different context than the current context ie. "I met him at this conference" is weaker than "I have worked with him for the last two years".
  
• RSA Keys. Do not use DH/DSS keys to sign RSA keys. If the person whose RSA key you are signing doesn't have PGP 5.x, then the newly signed key will be unreadable and unusable to them -- they won't be able to import your DSS signature.
  
• DH/DSS keys. While it is unlikely to mess anything up to sign a DH/DSS key with an RSA key, you should sign a DH/DSS key with another DH/DSS key, if at all possible. There may be a time in the future when all RSA support has been removed from all PGP products, and the presence of an RSA signature on your DH/DSS key may present problems.