GPG key signing Party
Meet Ubuntu people face-to-face. Taunt each other over their passport/driver's license photos. Add yourself to the Web of Trust or increase your ranking
Before you come to ubucon key signing party
- Mandatory: Create a GPG keypair for yourself (if you haven't already)
- Mandatory: Print or write down your key fingerprint and bring it with you. You'll have to confirm at the signing that the list is correct for your key.
- Mandatory: Send your key before the event to the subkeys.pgp.net keyserver.
Get your KEYID from your keyring as the part following the 1024D/ as follows:
gpg --list-secret-keys | grep sec
As an example this may look like 82A0BC01. Yours will be different.
- Then send your key to the keyserver with:
gpg --keyserver pgp.mit.edu --send-keys KEYID
Mandatory: Send your key before the event to email@example.com as follows:
gpg --fingerprint 'firstname.lastname@example.org' | mail -s "'email@example.com' key" keys at theubucon.org
gpg --fingerprint firstname.lastname@example.org cut/past into an email to email@example.com with the subject “firstname.lastname@example.org key”
- Mandatory: Bring a government-issued picture ID of yourself
After the Keysigning
Following the keysigning, you'll need to actually sign people's keys. The easiest way to do this is to use caff which is conveniently packaged in the Ubuntu signing-party package. caff lets you sign a number of keys at once, and will then email each recipient their signed key, encrypted with their key (actually, it sends one email per UID on the target key, so those people with 10 UIDs on their key will get 10 emails from caff, but that's OK - it makes sure they control that email address too). They must know their own pass phrase to retrieve their signed key, which they can then import into their gpg keyring and upload to the keyserver pgp.mit.edu.