When: Thursday Oct 8
Where: TBD (if you're at the last session you will know where to
go)
Who: Those who send in their keys by 12:00 thurs, Oct 8
Folks who want to participate in the keysigning must email their
keys to me
(randall@apple.com). I will
put together a keyring (probably PGP 5/6.x fmt) and print out all the
key ids & fingerprints. If people would like a PGP 2.x format
keyring I can make one as well, but it won't have the DSS keys in it.
During the keysigning each person on the keyring will stand and
read his/her key fingerprint out loud.
If you recognise the person, and the key id & fingerprints
match, you should have enough info to sign their key. Folks should
have ID that you can check as well.
The
keyring
with new signatures.
Agenda
- I distribute a paper list with each person's userID, key
ID/size, fingerprint.
- each person brings their own key fingerprint.
- for each person on the list:
- that person stands
- other folks get to vouch for the standing person
- that person reads out loud their key id/size/fingerprint
from their own copy
- people follow along on the paper list. (calling out if
there is an error)
- people make a private decision wether or not to sign the
key.
- people go "home" , download the keyring, reverify the
fingerprints, sign the keys they wish to sign and send the signed
keys back to me.
- I put the modified keyring up on this site & also send the
keys to the keyserver.
Notes:
- When people vouch for a person, it is important to note if the
relationship is in a different context than the current context
ie. "I met him at this conference" is weaker than "I have worked
with him for the last two years".
- RSA Keys. Do not use DH/DSS keys to sign RSA keys. If the
person whose RSA key you are signing doesn't have PGP 5.x, then
the newly signed key will be unreadable and unusable to them --
they won't be able to import your DSS signature.
- DH/DSS keys. While it is unlikely to mess anything up to sign
a DH/DSS key with an RSA key, you should sign a DH/DSS key with
another DH/DSS key, if at all possible. There may be a time in the
future when all RSA support has been removed from all PGP
products, and the presence of an RSA signature on your DH/DSS key
may present problems.