KeySigning

Differences between revisions 15 and 17 (spanning 2 versions)
Revision 15 as of 2005-11-03 17:33:40
Size: 2929
Editor: 209
Comment: + mpt
Revision 17 as of 2005-11-03 17:50:20
Size: 3064
Editor: 209
Comment:
Deletions are marked like this. Additions are marked like this.
Line 32: Line 32:
|| `` || || || || `C189E733 C098EFA8` || Stephan Hermann || sh@sourcecode.de ||
|| `98083544 945348A4` || Reinhard Tartler || siretart@tauware.de ||
|| || || ||

What?

Semi-disorganised key signing party.

Where?

In the conference in general.

When?

From Thursday's lightning talk session onwards.

How?

Put your key ID (the last four chunks of gpg --fingerprint your@email.address) in the list below. (If you're Hubert then don't worry, your 64bit key id is enough Smile :-)

Key ID

Your name

Your email address

2BC84016 20687895

Daniel Silverstone

dsilvers@digital-scurf.org

5FEE05E6 A56E15A3

Hubert Figuière

hub@figuiere.net

17166E00 F2B16DD5

Corey Burger

corey.burger@gmail.com

CCDFE49B 0A0AC927

LaMont Jones

lamont.jones@ubuntu.com

8E3BE942 E3AE1FF0

Herman Bos

hbos@osso.nl

39003506 8D31AD52

Michal Mach

michal@tacticaltech.org

FA7E8DB8 38162EC3

Francis Viviers

francis@impilinux.co.za

87CEF4D8 E6F332C7

Kevin Cole

kjcole@gri.gallaudet.edu

987AF91B 65CA6797

Graham Ashton

graham.ashton@gmail.com

82091D9A 5921B5D8

Andrew Mitchell

ajmitch@ubuntu.com

E561116B C16AFD3C

Christoffer Torris Olsen

co@deworks.net

AF73B608 A94050AF

Daniel Holbach

daniel.holbach@ubuntu.com

025659D0 147C722D

Ivan Krstic

krstic@hcs.harvard.edu

E8F53135 F53A79CA

Matthew Paul Thomas

mpt@canonical.com

C189E733 C098EFA8

Stephan Hermann

sh@sourcecode.de

98083544 945348A4

Reinhard Tartler

siretart@tauware.de

I will be emailing the files for the key signing to the address listed here at about 6pm, so make sure your information is here well before then. Also ensure that you have sent your keys to subkeys.pgp.net because that's where I'll retrieve them from for fingerprinting.

Process

You will receive the URL to a single file from me. The file will be of a form similar to:

## Ubuntu Below Zero Keysigning Party

### Key 1
# Daniel Silverstone <dsilvers@digital-scurf.org>
### 1024 D
### 961F 4EB8 29D7 D304 A774  7782 2BC8 4016 2068 7895

In the last session today, I will show/read-out the SHA1 and MD5 fingerprints of the file.

You should ensure the file you have in your posession matches the fingerprints I read out, E.g. by using gpg --print-mds foofile.txt

You should also confirm that *YOUR* fingerprint in the file is correct.

Verification process

  • Meet someone. Let's call them "Person A". They tell you what number their key(s) is/are in the file.
  • Confirm with them that their copy of the file matched the checksums, and that their fingerprint was correct in the file. This is truly as simple as (assuming all is well) "Did the file match?" ... "Yes" ... "Did your fingerprint match?" ... "Yes"
  • Verify their identity documents
  • Confirm that the name in the text file matches their identity documents
  • Delete the comment marker from the fingerprint line for that person if all is well. (Or put it into your favourite keysigning tool as you see fit)

UbuntuBelowZero/KeySigning (last edited 2008-08-06 16:35:32 by localhost)