No edit summary |
m (Reverted edits by 192.168.1.78 (talk) to last revision by N3pb) |
||
(23 intermediate revisions by 11 users not shown) | |||
Line 1: | Line 1: | ||
== Followup == | |||
''This section was added after the keysigning and contains some useful followup information.'' | |||
* Keyring and fingerprints: | |||
** [http://nb.fedorapeople.org/keys2.pdf key and fingerprint list (keys2.pdf)] | |||
** [http://nb.fedorapeople.org/keys2.pdf.sha256sum.asc key and fingerprint list sha256sum] | |||
** [http://nb.fedorapeople.org/keys2.asc keyring to import] | |||
** [http://www.flickr.com/photos/n3pb/sets/72157628896297595/with/6708278535/ Photos of the key fingerprints on the board.] | |||
** IDs of keys signed: 110810E9 154FDAF0 57E02D57 D72AD0EF 1999A427 85DACC63 B2420431 62A2258E 0E572FDD 024BB3D1 3A7676E7 210BDF5A 9342BF08 1F85118D 07D2F8B4 89CCAE8B 34E36341 390EBBB9 AA482E46 92F0FC09 E65E4F3D FA6C4994 D1F5C478 DAD3DF0E 8B3D4806 9B649644 5B7CBD2B 94BC377E 1285BE7C 750152F1 CD84EE48 DF044293 188C6D38 2486CFD6 D39BE61C C40F2998 C8391120 EBD267AB 6EF4DA92 B4D3D7B0 835D13A0 | |||
* Signing tools | |||
** '''caff''' is part of the '''pgp-tools''' package. | |||
** [http://www.phildev.net/pius/pius pius (PGP Individual UID Signer)] | |||
* The strong set in the PGP web of trust | |||
** [http://en.wikipedia.org/wiki/Web_of_trust#Mean_shortest_distance Explanation at Wikipedia.] | |||
** [http://pgp.cs.uu.nl/plot/ analysis of the strong set in the PGP web of trust] | |||
** [http://www.lysator.liu.se/~jc/wotsap/index.html wotsap (Web of trust statistics and pathfinder)] - take a look at the [http://www.lysator.liu.se/~jc/wotsap/search.html search page] for a bunch of interesting things you can do. [http://webware.lysator.liu.se/jc/wotsap/wots/latest/groupmatrix/110810E9,0x154FDAF0,0x57E02D57,0xD72AD0EF,0x1999A427,0x85DACC63,B2420431,0x62A2258E,0x0E572FDD,024BB3D1,3A7676E7,0x210BDF5A,0x9342BF08,0x1F85118D,0x07D2F8B4,0x89CCAE8B,0x34E36341,0x390EBBB9,AA482E46,0x92F0FC09,E65E4F3D,0xFA6C4994,D1F5C478,DAD3DF0E,0x8B3D4806,9B649644,5B7CBD2B,94BC377E,1285BE7C,0x750152F1,CD84EE48,DF044293,188C6D38,2486CFD6,D39BE61C,C40F2998,C8391120,0xEBD267AB,0x6EF4DA92,0xB4D3D7B0,0x835D13A0.txt Here] is a matrix of all the key signings from FUDCon. (Note: It sometimes takes quite a while for new data to show up in the wotsap.) | |||
== Original Page == | |||
{{admon/warning|The signup deadline has passed|If you still want to participate, bring about 60 slips with your key's fingerprint printed or '''neatly''' written on it.}} | |||
There will be a GPG Key Signing Event held at FUDCon Blacksburg 2012 on Saturday, January 14th, at 1700 (5pm). There will also be a [[FUDCon:Blacksburg_2012_CAcert_Assurance_Event|CAcert Assurance event]] held at 1600 (4pm), immediately preceding this event. | There will be a GPG Key Signing Event held at FUDCon Blacksburg 2012 on Saturday, January 14th, at 1700 (5pm). There will also be a [[FUDCon:Blacksburg_2012_CAcert_Assurance_Event|CAcert Assurance event]] held at 1600 (4pm), immediately preceding this event. | ||
Please sign up below and make sure your key is available on the public keyserver network or make a note here with the url if it is not. | Please sign up below and make sure your key is available on the public keyserver network or make a note here with the url if it is not. | ||
'''Things to bring to the event: | == Notice of change == | ||
Nick and I are working through the last minute logistics that goes along with the event. We hadn't planned on this event event being so popular! With this in mind we have decided to change the way we are doing the key verifications. Originally we were planning on each person, individually, standing up and reading their key aloud while everyone else verified the paper copy provided for the event. This procedure is used most often and is the most secure. The problem is we now have <strike>forty-four</strike> forty-nine keys to be signed! That's going to take a while! | |||
For larger parties the recommended procedure is the "hash-based method". The keys will still be provided to everyone on paper. The file will be digitally signed (and electronic versions of the document will be made available). At the event everyone verifies that *their* key is listed correctly on the paper and then the host will read the hash to everyone so that everyone can verify that their copy is correct and has not been modified. Once this happens and everyone is satisfied that they have the correct list of keys then we check everyone's identification. | |||
If anyone has any concern about this procedure please let us know *now* so we can address this. | |||
[http://nb.fedorapeople.org/keys2.pdf key and fingerprint list] | |||
[http://nb.fedorapeople.org/keys2.pdf.sha256sum.asc key and fingerprint list sha256sum] | |||
[http://nb.fedorapeople.org/keys2.asc keyring to import] | |||
== Things to bring to the event: == | |||
# Yourself | # Yourself | ||
# At least one government issued photo ID | # At least one government issued photo ID | ||
Line 10: | Line 43: | ||
# NO computer (or at least leave it in your bag or something, you don't need to actually sign the keys right then) | # NO computer (or at least leave it in your bag or something, you don't need to actually sign the keys right then) | ||
=== Why shouldn't I bring a computer?=== | |||
There are a variety of reasons, why you don't want to do this. The short answer is it would be insecure, unsafe, and of no benefit. For those not convinced, here are some reasons why it is insecure, unsafe, and of no benefit. | |||
* If people are carrying their secret keys with them and intend to do the signing at the actual meeting by typing their passphrase into a computer, then they are open to key-logging attacks, shoulder-surfing, etc. | |||
* Someone might spill $beverage on it. | |||
* Someone might drop it or knock it off the table. | |||
* Etc | |||
== Keysigning Procedure == | |||
# Generate a key/Remember your pass phrase | |||
# All attendees send their public keys to a public keyserver. For this party, we'll use keys.bz or keys.christensenplace.us. If for some reason you don't want your key to be in a public keyserver, but still want to participate, please let me know. | |||
# All attendees posts their fingerprint to this wiki page (see below). The event coordinator will compile everyone's key information. | |||
# The host prints a list with everyone's fingerprint from the compiled keyrings and distributes copies of the printout at the meeting. | |||
# Attend the party. Bring along a paper copy of your fingerprint that you obtained from your own keyring. You must also bring along a suitable photo ID. Instruct the attendees at the beginning that they are to make two marks on the listing, one for correct key information and one if the ID check is ok. | |||
# At the meeting the host will distribute the key forms and a hash of that form (also available from this wiki page). The host will read the hash key out so that everyone can verify they have the same file. Everyone will verify that their fingerprint is correct on the form. Once everyone has verified these two pieces of information we will start with the identifications. | |||
# After everyone has read his key ID information, have all attendees form a line. | |||
# The first person walks down the line having every person check his ID. | |||
# The second person follows immediately behind the first person and so on. | |||
# If you are satisfied that the person is who they say they are, and that the key on the printout is theirs, you place another check-mark next to their key on your printout. | |||
# Once the first person cycles back around to the front of the line he has checked all the other IDs and his ID has been checked by all others. | |||
# After everybody has identified himself or herself the formal part of the meeting is over. You are free to leave or to stay and discuss matters of PGP and privacy (or anything else) with fellow PGP users. If everyone is punctual the formal part of the evening should take less than an hour. | |||
# After confirming that the key information on the key server matches the printout that you have checked, sign the appropriate keys. Keys can only be signed if they have two check-marks. | |||
# Send the signed keys back to the keyservers. | |||
# Use those keys as often as possible. | |||
We are not providing specific guidelines on what IDs are acceptable, or how many are required, however, it is generally expected that each participant will be able to provide some sort of government issued photo identification, such as driver's license, passport, etc., matching the name on their key. | === Acceptable Identification === | ||
We are not providing specific guidelines on what IDs are acceptable, or how many are required, however, it is generally expected that each participant will be able to provide some sort of government issued photo identification, such as driver's license, passport, etc., matching the name on their key. It is up to the other participants whether or not they will accept your identification. | |||
== Uploading your key to a keyserver == | |||
To upload your key, do <code>gpg --keyserver keys.bz --send-keys 0xYOURKEYID</code> | To upload your key, do <code>gpg --keyserver keys.bz --send-keys 0xYOURKEYID</code> | ||
(Virginia Tech also operates a keyserver at <code>keyserver.cns.vt.edu</code>.) | (Virginia Tech also operates a keyserver at <code>keyserver.cns.vt.edu</code>.) | ||
== CAcert Assurance == | |||
There will also be a [[FUDCon:Blacksburg_2012_CAcert_Assurance_Event|CAcert Assurance event]]. | There will also be a [[FUDCon:Blacksburg_2012_CAcert_Assurance_Event|CAcert Assurance event]]. | ||
== Key List == | |||
{| | {| | ||
! Name !! FAS Username !! Key ID !! Fingerprint | ! Name !! FAS Username !! Key ID !! Fingerprint | ||
Line 107: | Line 165: | ||
|- | |- | ||
|Justin M. Forbes || jforbes || 0x07D2F8B4 || 69C2 14E0 B69C 22FD 9BAB 91FE E0D3 C9EF 07D2 F8B4 | |Justin M. Forbes || jforbes || 0x07D2F8B4 || 69C2 14E0 B69C 22FD 9BAB 91FE E0D3 C9EF 07D2 F8B4 | ||
|- | |||
| Garrett Holmstrom || gholms || 0xDF044293 || 73CF 446C 8F09 A9DB 9D44 A020 9278 34B6 DF04 4293 | |||
|- | |||
| Garrett Holmstrom (work) || gholms || 0x188C6D38 || A915 7737 6560 BA04 505E 7888 6EAC 46AB 188C 6D38 | |||
|- | |||
| Philip Balister || || 0xEBD267AB || 0534 2F35 0245 67E9 EF18 3CA5 C0C9 778A EBD2 67AB | |||
|- | |||
| Josh Boyer || jwboyer || 0x2486CFD6 || 4CDE 8575 E547 BF83 5FE1 5807 A31B 6BD7 2486 CFD6 | |||
|- | |||
| Scott Suehle || kilted1 || 0xD39BE61C || E3C7 A18F 384D 8DB7 D607 FE0C 1EF7 F717 D39B E61C | |||
|- | |||
| Xavier Lamien || laxathom || 0xC8391120 || 49B2 05EE 089A BF1D BFF4 BBED AC7C 50F3 C839 1120 | |||
|- | |- | ||
! Name !! FAS Username !! Key ID !! Fingerprint | ! Name !! FAS Username !! Key ID !! Fingerprint |
Latest revision as of 18:26, 15 May 2013
Followup
This section was added after the keysigning and contains some useful followup information.
- Keyring and fingerprints:
- key and fingerprint list (keys2.pdf)
- key and fingerprint list sha256sum
- keyring to import
- Photos of the key fingerprints on the board.
- IDs of keys signed: 110810E9 154FDAF0 57E02D57 D72AD0EF 1999A427 85DACC63 B2420431 62A2258E 0E572FDD 024BB3D1 3A7676E7 210BDF5A 9342BF08 1F85118D 07D2F8B4 89CCAE8B 34E36341 390EBBB9 AA482E46 92F0FC09 E65E4F3D FA6C4994 D1F5C478 DAD3DF0E 8B3D4806 9B649644 5B7CBD2B 94BC377E 1285BE7C 750152F1 CD84EE48 DF044293 188C6D38 2486CFD6 D39BE61C C40F2998 C8391120 EBD267AB 6EF4DA92 B4D3D7B0 835D13A0
- Signing tools
- caff is part of the pgp-tools package.
- pius (PGP Individual UID Signer)
- The strong set in the PGP web of trust
- Explanation at Wikipedia.
- analysis of the strong set in the PGP web of trust
- wotsap (Web of trust statistics and pathfinder) - take a look at the search page for a bunch of interesting things you can do. Here is a matrix of all the key signings from FUDCon. (Note: It sometimes takes quite a while for new data to show up in the wotsap.)
Original Page
There will be a GPG Key Signing Event held at FUDCon Blacksburg 2012 on Saturday, January 14th, at 1700 (5pm). There will also be a CAcert Assurance event held at 1600 (4pm), immediately preceding this event.
Please sign up below and make sure your key is available on the public keyserver network or make a note here with the url if it is not.
Notice of change
Nick and I are working through the last minute logistics that goes along with the event. We hadn't planned on this event event being so popular! With this in mind we have decided to change the way we are doing the key verifications. Originally we were planning on each person, individually, standing up and reading their key aloud while everyone else verified the paper copy provided for the event. This procedure is used most often and is the most secure. The problem is we now have forty-four forty-nine keys to be signed! That's going to take a while!
For larger parties the recommended procedure is the "hash-based method". The keys will still be provided to everyone on paper. The file will be digitally signed (and electronic versions of the document will be made available). At the event everyone verifies that *their* key is listed correctly on the paper and then the host will read the hash to everyone so that everyone can verify that their copy is correct and has not been modified. Once this happens and everyone is satisfied that they have the correct list of keys then we check everyone's identification.
If anyone has any concern about this procedure please let us know *now* so we can address this.
key and fingerprint list sha256sum
Things to bring to the event:
- Yourself
- At least one government issued photo ID
- Your key's fingerprint
- A pen/pencil or whatever you'd like to write with....
- NO computer (or at least leave it in your bag or something, you don't need to actually sign the keys right then)
Why shouldn't I bring a computer?
There are a variety of reasons, why you don't want to do this. The short answer is it would be insecure, unsafe, and of no benefit. For those not convinced, here are some reasons why it is insecure, unsafe, and of no benefit.
- If people are carrying their secret keys with them and intend to do the signing at the actual meeting by typing their passphrase into a computer, then they are open to key-logging attacks, shoulder-surfing, etc.
- Someone might spill $beverage on it.
- Someone might drop it or knock it off the table.
- Etc
Keysigning Procedure
- Generate a key/Remember your pass phrase
- All attendees send their public keys to a public keyserver. For this party, we'll use keys.bz or keys.christensenplace.us. If for some reason you don't want your key to be in a public keyserver, but still want to participate, please let me know.
- All attendees posts their fingerprint to this wiki page (see below). The event coordinator will compile everyone's key information.
- The host prints a list with everyone's fingerprint from the compiled keyrings and distributes copies of the printout at the meeting.
- Attend the party. Bring along a paper copy of your fingerprint that you obtained from your own keyring. You must also bring along a suitable photo ID. Instruct the attendees at the beginning that they are to make two marks on the listing, one for correct key information and one if the ID check is ok.
- At the meeting the host will distribute the key forms and a hash of that form (also available from this wiki page). The host will read the hash key out so that everyone can verify they have the same file. Everyone will verify that their fingerprint is correct on the form. Once everyone has verified these two pieces of information we will start with the identifications.
- After everyone has read his key ID information, have all attendees form a line.
- The first person walks down the line having every person check his ID.
- The second person follows immediately behind the first person and so on.
- If you are satisfied that the person is who they say they are, and that the key on the printout is theirs, you place another check-mark next to their key on your printout.
- Once the first person cycles back around to the front of the line he has checked all the other IDs and his ID has been checked by all others.
- After everybody has identified himself or herself the formal part of the meeting is over. You are free to leave or to stay and discuss matters of PGP and privacy (or anything else) with fellow PGP users. If everyone is punctual the formal part of the evening should take less than an hour.
- After confirming that the key information on the key server matches the printout that you have checked, sign the appropriate keys. Keys can only be signed if they have two check-marks.
- Send the signed keys back to the keyservers.
- Use those keys as often as possible.
Acceptable Identification
We are not providing specific guidelines on what IDs are acceptable, or how many are required, however, it is generally expected that each participant will be able to provide some sort of government issued photo identification, such as driver's license, passport, etc., matching the name on their key. It is up to the other participants whether or not they will accept your identification.
Uploading your key to a keyserver
To upload your key, do gpg --keyserver keys.bz --send-keys 0xYOURKEYID
(Virginia Tech also operates a keyserver at keyserver.cns.vt.edu
.)
CAcert Assurance
There will also be a CAcert Assurance event.
Key List
Name | FAS Username | Key ID | Fingerprint |
---|---|---|---|
Nicholas E. Bebout | nb | 0x154FDAF0 | 8D9D C33B 8C30 5BBF 6E91 E783 9EF9 FA30 154F DAF0 |
Nicholas E. Bebout | nb | 0x110810E9 | 167B 4A54 236B BEAA 37DC CD92 ED14 D5E7 1108 10E9 |
Toshio Kuratomi | toshio | 0xCD84EE48 | 1289 DAF3 C7FC 1108 C77D ADD9 5FAC 8089 CD84 EE48 |
Jared Smith | jsmith | 0x210BDF5A | 1E46 74AA A394 0EAA 6596 FDF0 7D9D 159F 210B DF5A |
Kevin Fenzi | kevin | 0x34E36341 | A6EA F625 0EBB F132 A8A9 32AD DE29 827B 34E3 6341 |
Eric Christensen | sparks | 0x024BB3D1 | 097C 82C3 52DF C64A 50C2 E3A3 8076 ABDE 024B B3D1 |
Perry Myers | pmyers | 0xE65E4F3D | 88F9 F1C9 C2F3 1303 01FE 817C C5D2 8B91 E65E 4F3D |
Dan Walsh | dwalsh | 0x8329A1B3 | A868 816A C8BF B50C 6F44 63DF AE56 2F13 8329 A1B3 |
Klaatu | klaatu | 0x5000280F | 45AE 6061 3BC8 EF6C 07BF CB39 1D97 D65F 5000 280F |
Ricky Elrod | codeblock | 0xDAD3DF0E | 9739 5A0F BDC8 1D20 A137 CDCC 0027 10B0 DAD3 DF0E |
Matt Domsch | mdomsch | 0x92F0FC09 | 17A4 17D0 81F5 4B5F DB1C AEF8 21AB EEF7 92F0 FC09 |
Phil Benchoff | n3pb | 0xFA6C4994 | 5CD5 EFA3 E1C5 20B1 B0ED E38C 8337 8A94 FA6C 4994 |
Chuck Frain | chuck | 0xB2420431 | 2045 8609 1674 BE49 AD89 0661 5726 2343 B242 0431 |
Simon Sekidde | sekidde | 0x94BC377E | 5848 958E 73BA 04D3 7C06 F096 1BA1 2DBF 94BC 377E |
Luke Macken | lmacken | 0x390EBBB9 | FFFF CD40 89FE 8E6F C38D A9D9 46C9 B778 390E BBB9 |
Richard B. Tilley (Brad) | rtilley | 0x6EF4DA92 | 2BC7 DF02 5E52 8660 95E5 769C 13E0 F3DE 6EF4 DA92 |
Thomas Weeks (Tweeks) | tweeks | 0x750152F1 | 5A27 DABA EEBC 63A5 2A46 0D78 2757 662F 7501 52F1 |
Richard W. Godbee, Jr. | rwg | 0xD1F5C478 | C8DB B3B6 352E 8760 8FA2 3BE2 3C32 C580 D1F5 C478 |
Ben Boeckel | mathstuf | 0x57E02D57 | F4C9 5FFD 6EA4 F7F1 2E19 5865 A6B1 6AF5 57E0 2D57 |
Ben Boeckel (work) | mathstuf | 0xD72AD0EF | D49F D289 AB5F 09DE 28FB 8006 011B D2DB D72A D0EF |
Mark Walker | marwalk | 0xAA482E46 | D780 2F66 B08D 739D 3BF0 2468 7C22 870D AA48 2E46 |
James Schwinabart | mutantmonkey | 0x3A7676E7 | 384E 1FED 4AFE 4843 5432 77E5 D7CE BBD3 3A76 76E7 |
Christoph Wickert | cwickert | 0x1999A427 | 8BFD B656 3415 D8DA 559F 1478 1AAC 3E75 1999 A427 |
Christoph Wickert (work) | cwickert | 0x85DACC63 | 4531 6312 111F 6582 A19F 27A2 168B 6216 85DA CC63 |
Jeroen van Meeuwen | kanarip | 0x9342BF08 | C6B0 7FB4 43E6 CDDA D258 F70B 28DE 9FDA 9342 BF08 |
Colin Walters | walters | 0xAE087291 | 1CEC 7A9D F7DA 85AB EF84 3DC0 A866 D7CC AE08 7291 |
Thom Carlin | thom | 0x1285BE7C | AE19 E8EF BC0B 87E5 FA56 3B9E 8870 B778 1285 BE7C |
Clint Savage | herlo | 0x62A2258E | 8C10 443D 7F49 A694 018C A2DD 7D27 D8A2 62A2 258E |
Russell Herrold | 0x9B649644 | A866 9FF9 8185 0EE6 5EF1 FDA8 3118 7541 9B64 9644 | |
Russell Herrold (centos) | 0x5B7CBD2B | 6CFB 553C 3577 6F5E BCBC 56D4 2AD4 FF5D 5B7C BD2B | |
Kaleb KEITHLEY (work) | kkeithle | 0x89CCAE8B | 9BD4 D907 FA55 4FC8 B4A3 716F 3730 DD49 89CC AE8B |
Russell Bryant | russellb | 0x8B3D4806 | 2EA1 5068 05EE 0C83 2174 0A73 160F 5FB7 8B3D 4806 |
Brian C. Lane | bcl | 0x9712C2CD | 799F A3B6 AEF8 E9B4 D720 56D0 21FB 63FE 9712 C2CD |
Brian C. Lane (work) | bcl | 0x8EFE3A7F | B4C6 B451 E4FA 8B42 32CA 191E 117E 8C16 8EFE 3A7F |
Paul W. Frields | pfrields | 0xBD113717 | 3DA6 A0AC 6D58 FEC4 0233 5906 ACDB C937 BD11 3717 |
Mario J.G. Balletta | chanchito | 0xE9893915 | 63CB 5A18 11C8 88ED 1041 A213 4532 C153 E989 3915 |
Doug Ledford | dledford | 0x0E572FDD | AE6B 1BDA 122B 23B4 265B 1274 B826 A333 0E57 2FDD |
Valdis Kletnieks (old key) | valdis | 0xB4D3D7B0 | ECE4 41BA C3B5 3067 512B 7A1F 702D E559 B4D3 D7B0 |
Valdis Kletnieks (new key) | valdis | 0x835D13A0 | 8425 2010 28F1 AA8D 0F80 ADEF 0766 1105 835D 13A0 |
Peter Larsen | bit4man | 0xADCE143D | A927 B0F6 85C2 C0D4 55D8 C003 1DB2 C39D ADCE 143D |
Sid Wilroy | sidwilroy | 0x579415FE | F843 0FBE BD63 D17F 7C0C 1161 44CD 007B 5794 15FE |
Justin M. Forbes | jforbes | 0x07D2F8B4 | 69C2 14E0 B69C 22FD 9BAB 91FE E0D3 C9EF 07D2 F8B4 |
Garrett Holmstrom | gholms | 0xDF044293 | 73CF 446C 8F09 A9DB 9D44 A020 9278 34B6 DF04 4293 |
Garrett Holmstrom (work) | gholms | 0x188C6D38 | A915 7737 6560 BA04 505E 7888 6EAC 46AB 188C 6D38 |
Philip Balister | 0xEBD267AB | 0534 2F35 0245 67E9 EF18 3CA5 C0C9 778A EBD2 67AB | |
Josh Boyer | jwboyer | 0x2486CFD6 | 4CDE 8575 E547 BF83 5FE1 5807 A31B 6BD7 2486 CFD6 |
Scott Suehle | kilted1 | 0xD39BE61C | E3C7 A18F 384D 8DB7 D607 FE0C 1EF7 F717 D39B E61C |
Xavier Lamien | laxathom | 0xC8391120 | 49B2 05EE 089A BF1D BFF4 BBED AC7C 50F3 C839 1120 |
Name | FAS Username | Key ID | Fingerprint |
Back to FUDCon:Blacksburg_2012.