Difference between revisions of "Guidelines for Key Signing Parties"

From SOBAC Wiki
Jump to navigation Jump to search
(→‎Informal Keysigning: Replaced text with transclusion to new page for Informal Keysigning)
(→‎Informal Keysigning: Fixed namespacing on transclusion)
Line 3: Line 3:
  
 
= Informal Keysigning =
 
= Informal Keysigning =
{{Informal Keysigning}}
+
{{:Informal Keysigning}}
  
 
= Other guidelines =
 
= Other guidelines =

Revision as of 04:42, 2 November 2013

Formal Keysigning

Help me create instructions for a Formal Keysigning to be held at the KWLUG meeting on Monday, 2 December 2013. The guidelines below may be a useful starting point.

Informal Keysigning

An Informal Keysigning is a way to exchange KeyIDs between people who already know each other, or trust each other well enough to accept a printed strip of paper listing the KeyID, UserIDs and key fingerprint.

This is a fingerprint strip created with the command gpg --fingerprint 0xD2CCE5EA

pub   1024D/D2CCE5EA 1999-06-24
      Key fingerprint = 04F7 742B 8F54 C40A E115  26C2 B912 89B0 D2CC E5EA
uid                  Bob Jonkman <bjonkman@sobac.com>
uid                  Bob Jonkman <bob@jonkman.ca>
uid                  Bob Jonkman's DH/DSS key
sub   2048g/1A237CC4 1999-06-24

The command gpg-key2ps 0xD2CCE5EA > fingerprint.ps will create a page full of fingerprint strips. gpg-key2ps is available in the Debian package signing-party.

The actual key signing doesn't need to be done at the same time the fingerprint strips are exchanged. But when you do sign the key ID 0xD2CCE5EA be sure that its key fingerprint is the same one on the fingerprint strip.

To sign the public key ID 0xD2CCE5EA with your default private key use the command:

gpg --sign-key 0xD2CCE5EA

At the prompt Really sign all user IDs? type Y -- it is unusual not to sign all User IDs.


See Also:

Formal Keysigning

Other guidelines

How to hold a Key Signing Party by Bob Jonkman

A refutation of the need for government-issued ID (or any other kind of ID)

How To CryptoParty

Not only keysigning parties, but how to throw a party to teach/learn GnuPG, TOR, disk encryption, &c.

Key Signing Protocol by Jeffrey T. Hutzelman

Step-by-step instructions for the identity verification portion of a keysigning party, as held at the 72nd IETF meeting in Dublin (July 2008)

The Keysigning Party HOWTO by V. Alex Brennen

Detailed, in-depth explanation of why and how to hold a Keysigning Party

The comp.security.pgp FAQ by Arnoud Engelfriet and Wouter Slegers

A general FAQ on PGP (and GnuPG), with a section on How do I organize a key signing party?

Ubuntu Keysigning Party

Very specific (too specific?) instructions on how to prepare for a keysigning party

Other stuff

Need a phonetic alphabet to help read out key IDs and fingerprints?