This is G o o g l e's cache of http://www.debconf.org/debconf5/debconf5/key as retrieved on 27 Jan 2005 18:18:13 GMT.
G o o g l e's cache is the snapshot that we took of the page as we crawled the web.
The page may have changed since that time. Click here for the current page without highlighting.
This cached page may reference images which are no longer available. Click here for the cached text only.
To link to or bookmark this page, use the following url: http://www.google.com/search?q=cache:-zfDJuvGEIgJ:www.debconf.org/debconf5/debconf5/key+debconf5+keysigning&hl=en


Google is neither affiliated with the authors of this page nor responsible for its content.
These search terms have been highlighted: debconf5 keysigning 

Keysigning Party | debconf5

Keysigning Party

Keysigning Party @ Debconf5 2005

At Debconf5 in Helsinki, Finland there will be an OpenPGP (pgp/gpg) keysigning party.

The party will be on Friday, July 15th, at 21:00.

What is/Why keysigning?

A key signing party is a get-together of people who use the PGP encryption system with the purpose of allowing those people to sign each others keys. Key signing parties serve to extend the web of trust to a great degree. Keysigning parties also serve as great opportunities to discuss the political and social issues surrounding strong cryptography, individual liberties, individual sovereignty, and even implementing encryption technologies or perhaps future work on free encryption software.

Please read section One of the GnuPG Keysigning Party HOWTO (note: we are doing the party slightly different, so the other chapters do not 100% apply).

How the Keysigning Will Happen

The Party will be conducted using Len Sassaman's Efficient Group Key Signing Method which is a protocal to do keysignings in a way that is faster than the way many people may be familiar with:

  • If you intent to participate please send your ascii armored public key to ksp-dc5@v7w.com by Saturday, June 25th, 2005

    Attach the keys as a file, and name that file like your email address (multiple keys per file/armor are just fine). Preferably do not sign or encrypt your email.

  • By Wednesday, June 29th, you will be able to fetch both the complete keyring with all the keys that were submitted along with a text file

    giving the fingerprint of each key on the ring.

  • At home, verify that the fingerprint of your key in ksp-dc5.txt is correct. Also compute the MD5 hash of ksp-dc5.txt. One way to do this is with md5sum invoked as follows:

    md5sum ksp-dc5.txt

    or

    gpg --print-md md5 ksp-dc5.txt

    You can calulate the SHA1 hash too with sha1sum or gpg --print-md sha1).

  • At Debconf, come with the hash you computed and a hardcopy of ksp-dc5.txt.

  • A reader at the front of the room will recite the MD5 hash of ksp-dc5.txt. Verify that the hash recited matches what you computed. This guarantees that all participants are working from the same list of keys.

    The reader will also recite the SHA1 hash.

  • Next, the reader will ask if everybody has the same MD5 hash of ksp-dc5.txt. If that is the case, sign each page of your hardcopy and mark the key verified on it.

  • The next step is to verify each participant's identity by checking her passport or similar form of ID.

    At Debconf4, the participants formed a closed line in numerical order by the number assigned to the participants on the hardcopy, and after each pair of people facing each other checked their ID documents, a segment of the line shifted to the left one position.

  • Later that evening, or perhaps when you get home, you can sign the keys which you were able to verify hardcopy. After you signed a key send it to its owner together with your signature.

Downloads (Do not exist yet):

Summary: What to bring with you

  • A printout of ksp-dc5.txt; check that your fingerprint is correct.
  • The MD5 Hash you made of ksp-dc5.txt so that we can ensure we are all working with the same copy.
  • Some form of government issued ID (passport or similar).
  • If this is your first keysigning, a copy of this email and linked documents might be useful.

If you have questions please ask Anibal Monsalve Salazar <anibal@v7w.com>.

Special thanks goes to Benjamin Mako Hill who provided the scripts and text used at Debconf4, Peter Palfrader who provided the scripts and text used at Debconf3 and LinuxTag (2003 and 2004) whose reuse made putting together this keysigning easy and possible.

Relevant Information and Sources for More Information