[PLUG] PGP signing party
Will Andrews
Will Andrews <will@physics.purdue.edu>
Wed, 28 Feb 2001 12:42:07 -0500
--ZPRTZ4IozCHrMUKG
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Dear PLUG,
I will testify now: Chris is a wanker. Luv, --will. ;-)
Here's the PGP signing party announcement. Please, people, if you are
coming to the installfest, come prepared to sign PGP keys. Just follow
the instructions below. :-)
----- Forwarded message from Will Andrews <will@physics.purdue.edu> -----
Date: Tue, 27 Feb 2001 16:30:19 -0500
Reply-To: Will Andrews <will@physics.purdue.edu>
From: Will Andrews <will@physics.purdue.edu>
To: cnd@ecn.purdue.edu
Cc: csg@progeny.com, dsp@purdue.edu, sdh@purdue.edu
Subject: PGP signing party
User-Agent: Mutt/1.2.5i
Hey Chris,
Steve said that a number of Progeny staff would be coming, and that they
would participate in the pgp signing party.
I'll be the coordinator. Could you please post an announcement like
this:
*** PGP/GPG SIGNING PARTY @ INSTALLFEST ***
I am going to coordinate a gpg signing party at the Installfest this
Saturday. Some Progeny staff members have said they will be attending,
and would be happy to sign others' keys. What everyone needs to do is
the following:
1) Generate a GPG key (if you do not have one already). This is
as simple as:
% gpg --gen-key
=20
and following instructions. People will want to pick the
DSA/ElGamal algorithm and as large as keysize as they can
(2048 bit is good). Key expiration is up to you: I suggest
two to five years. The longer the passphrase, the better.
While GPG generates the key, the more random bits it can
obtain from /dev/random, the better. Most Unix operating
systems harvest randomness from i/o devices like NICs, mice,
sound cards, and keyboards.
=09
2) Send your GPG key to pgp.mit.edu like this:
% gpg --keyserver pgp.mit.edu --send-key YOUR_KEY_ID
=09
3) Send me an email (will@physics.purdue.edu) with the following info:
a. Your name and email address as listed in your key.
b. Your key ID (YOUR_KEY_ID above).
c. Your key size and algorithm.
d. Your key fingerprint.
4) Come to the installfest. The key signing party will be at
2:30pm, in the Class of 1950 Hall Room 224. I will ask
people to pick up a sheet of paper (or two) that lists
everyone's data as above, plus a space to checkmark that
they've identified correctly the information you have.
Everyone needs to bring with yourself to the installfest a
piece of scrap paper with your key information on it (in case
I somehow mess it up or someone else does or something) as
well as valid ID. Valid ID (by my definition at least,
others may accept other types of ID) means driver's license
or passport from your country of origin. Please note: PUIDs
aren't good enough. :-)
Please note: Do *NOT* bring a computer with your gpg key on
it! You will use the sheet of paper(s) that I give you to
verify others' identities and match their GPG keys.
5) When you get home, sign everyone's keys like so:
% gpg --keyserver pgp.mit.edu --recv-keys KEY_ID
% gpg --sign-key KEY_ID
% gpg --keyserver pgp.mit.edu --send-key KEY_ID
Perform this for each key that you verified at the
installfest.
Details on how this works can be found at:
http://www.cryptnet.net/fdp/crypto/gpg-party.html
To reiterate, the gpg signing key party schedule is:
Tue Feb 27, 2001 - Sat Mar 3 2001 @ 2pm: Send me the data as in #2
Sat Mar 3, 2001 @ 2:30pm in CL50-224: PGP signing party begins
Sat Mar 3, 2001 @ ~2:40pm, CL50-224: PGP signing party ends
Cheers!
--=20
wca
----- End forwarded message -----
--=20
wca
--ZPRTZ4IozCHrMUKG
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.3 (FreeBSD)
Comment: For info see http://www.gnupg.org
iD8DBQE6nThuF47idPgWcsURAowaAJ9dWMOybnCIorl865Sqdm3fvofzkQCfRQYU
NWeqSoknw2bz3/k9UrD57XE=
=q6Yu
-----END PGP SIGNATURE-----
--ZPRTZ4IozCHrMUKG--