Difference between pages "Russell Coker" and "Key signing"

From LCA2014 Delegate Wiki
(Difference between pages)
Jump to: navigation, search
(Christopher Neugebauer moved page Russell Coker to User:Russell Coker)
 
(Submitting your key)
 
Line 1: Line 1:
#REDIRECT [[User:Russell Coker]]
+
= Key signing party =
 +
We should have a key signing party, up for suggestions on where and when and what format
 +
 
 +
 
 +
== Before the event ==
 +
 
 +
You need a gpg key to start, create one now!
 +
You might as well make it with as big a key size as possible.
 +
<pre>gpg --gen-key
 +
gpg --list-secret-keys
 +
gpg --fingerprint FA9EC035</pre>
 +
 
 +
 
 +
== Submitting your key ==
 +
 
 +
Currently nothing has been decided, please add suggestions below.
 +
* create a wiki page containing your fingerprints
 +
** [[https://lca2014.linux.org.au/wiki/User:Daniel_sobey Daniel Sobey]]
 +
* Some other tool, edit this page and we may use it
 +
 
 +
{| class="wikitable"
 +
|+ people participating in identification exchange
 +
! Real Name !! Key Id !! Key Fingerprint !! Preferred E-mail Address
 +
|-
 +
 
 +
|-
 +
| J Random Person  || 0x0000000000000000 || FFFF FFFF FFFF FFFF FFFF  FFFF FFFF FFFF FFFF FFFF || jrp@example.com
 +
 
 +
 
 +
|-
 +
| [[https://lca2014.linux.org.au/wiki/User:Mark_Atwood Mark Atwood]]  || 0x5BB3D38332608126 || D37B E0BF 09D3 C69B DDAC  78B5 5BB3 D383 3260 8126 || me@mark.atwood.name
 +
|-
 +
| [[https://lca2014.linux.org.au/wiki/User:Daniel_sobey Daniel Sobey]]    ||  0xFA9EC035 ||  || dns@dns.id.au
 +
|-
 +
| [[https://lca2014.linux.org.au/wiki/User:Daniel_sobey Daniel Sobey]]    ||  0x7E706939 ||  || dns@dns.id.au
 +
|-
 +
| [[https://lca2014.linux.org.au/wiki/User:Daniel_sobey Daniel Sobey]]    ||  0x2EC08895 ||  || dns@dns.id.au
 +
|-
 +
| [[https://lca2014.linux.org.au/wiki/User:Paul_Warren Paul Warren]]  || 0x5341F366208EDB2A ||  DF30 FFE6 CBEE ED60 E340  EEBA 5341 F366 208E DB2A || pwarren@pwarren.id.au, paul@thewarrens.name
 +
|-
 +
| [[https://lca2014.linux.org.au/wiki/User:Paul_Warren Paul Warren]]  || 0x89A45B0613ABFE97 ||  2D60 F3A8 CB31 9C99 F76E  0637 89A4 5B06 13AB FE97 || pwarren@pwarren.id.au
 +
|-
 +
| [[https://lca2014.linux.org.au/wiki/User:Elizabeth_Krumbach_Joseph Elizabeth Krumbach Joseph]]  || 0x2FC76319BC2349FC || F1A1 2FEF 82A5 666C F9A4  A748 2FC7 6319 BC23 49FC || lyz@princessleia.com
 +
|-
 +
| [[https://lca2014.linux.org.au/wiki/User:Arkady_Gundroff Arkady Gundroff]]  || 0x877D7A54 || 27A4 1D27 E9B8 5AD7 1C2A  8A86 ECF8 CCDD 877D 7A54 || rkd@therkd.org
 +
|-
 +
| [[https://lca2014.linux.org.au/wiki/User:Arkady_Gundroff Arkady Gundroff]]  || 0x22F75870 || 2D39 1FA0 84A6 AE66 D525  0805 68B2 320E 22F7 5870 || rkd@therkd.org
 +
|-
 +
| [[https://lca2014.linux.org.au/wiki/User:Kye_Russell Kye Russell]]   || 0xE44FDDE6 || 8AA9 BF1D 306F 1CD6 4D2C  95BA 662A 7109 E44F DDE6 || me@kyerussell.com
 +
|-
 +
| [[http://www.humbug.org.au/RussellStuart Russell Stuart]] || 0xE7843A8C || D25D D87D F8EA 9ED1 D146  5023 F523 1C62 E784 3A8C || russell-gpg@stuart.id.au<br/>ras@debian.org<br/>russell-debian@stuart.id.au
 +
|-
 +
| Christopher Yeoh || 0xAAE53307 ||7D5F DD42 C463 D88F 559E  BDF0 3714 8A73 AAE5 3307|| cbkyeoh@gmail.com
 +
|-
 +
| [[http://www.james.rcpt.to/ James Bromberger]] || 0x9D85C53C || 8591 20FE 0D9F A6A5 B054  C775 AEC8 2874 9D85 C53C || jeb@debia.org<br />jeb@cpan.org<br />james@rcpt.to
 +
|-
 +
| [[http://www.azabani.com Delan Azabani]] || 0x18416AA7 || 7F21 2455 67B2 3E09 2664  20EF 0548 7476 1841 6AA7 || delan@azabani.com
 +
|-
 +
| Thomas Chung || 0xB18A274C || 6951 B594 524C E3A9 3734  494F 17E8 091D B18A 274C || thomas@nomology.id.au<br>thomaschung32@gmail.com
 +
|-
 +
| Karl-Johan Karlsson || 0x331FAE7D || 5893 644B 7783 B5D3 9FD7  F4C6 01BA C4B5 331F AE7D || creideiki@lysator.liu.se<br />creideiki@ferretporn.se
 +
|-
 +
|}
 +
 
 +
== At the event ==
 +
We will need someone to collate the keys and print them out.
 +
Please let us know how many we should print and where to print them.
 +
 
 +
What we did last year was go to a lecture theatre with a projector.
 +
Each person stands up, shows their photo id and read their fingerprint aloud.
 +
printouts of everyone's fingerprints were provided so you can tick off as you go
 +
This worked ok but took a long time to get through everyone.
 +
 
 +
 
 +
 
 +
== Ad hoc Signing ==
 +
 
 +
Put your fingerprint on a piece of paper and hand it out to people.
 +
No need to do it formally just swap as you meet.
 +
 
 +
Things to watch out for:
 +
* does it match thair name
 +
* Does the person have a key with that fingerprint, do the numbers match.
 +
* know that anyone can generate a key and claim an email address
 +
* if someone can be bothered they can keep trying to generate a key with the first 8 digits the same as another key but getting the whole fingerprint is nearly impossible
 +
 
 +
 
 +
== When you get home ==
 +
after the event you should have notes of who to trust the next thing to do is sign the key.
 +
You can individually sign each key, export the signature and send it to them.
 +
 
 +
[https://wiki.debian.org/caff caff] is a tool that automates the signing a little.
 +
It will sign and send an email (encrypted if possible) containing the signature.
 +
It requires some setup but it does make things easier.

Revision as of 00:52, 5 January 2014

Contents

Key signing party

We should have a key signing party, up for suggestions on where and when and what format


Before the event

You need a gpg key to start, create one now! You might as well make it with as big a key size as possible.

gpg --gen-key
gpg --list-secret-keys
gpg --fingerprint FA9EC035


Submitting your key

Currently nothing has been decided, please add suggestions below.

  • create a wiki page containing your fingerprints
  • Some other tool, edit this page and we may use it
people participating in identification exchange
Real Name Key Id Key Fingerprint Preferred E-mail Address
J Random Person 0x0000000000000000 FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF jrp@example.com


[Mark Atwood] 0x5BB3D38332608126 D37B E0BF 09D3 C69B DDAC 78B5 5BB3 D383 3260 8126 me@mark.atwood.name
[Daniel Sobey] 0xFA9EC035 dns@dns.id.au
[Daniel Sobey] 0x7E706939 dns@dns.id.au
[Daniel Sobey] 0x2EC08895 dns@dns.id.au
[Paul Warren] 0x5341F366208EDB2A DF30 FFE6 CBEE ED60 E340 EEBA 5341 F366 208E DB2A pwarren@pwarren.id.au, paul@thewarrens.name
[Paul Warren] 0x89A45B0613ABFE97 2D60 F3A8 CB31 9C99 F76E 0637 89A4 5B06 13AB FE97 pwarren@pwarren.id.au
[Elizabeth Krumbach Joseph] 0x2FC76319BC2349FC F1A1 2FEF 82A5 666C F9A4 A748 2FC7 6319 BC23 49FC lyz@princessleia.com
[Arkady Gundroff] 0x877D7A54 27A4 1D27 E9B8 5AD7 1C2A 8A86 ECF8 CCDD 877D 7A54 rkd@therkd.org
[Arkady Gundroff] 0x22F75870 2D39 1FA0 84A6 AE66 D525 0805 68B2 320E 22F7 5870 rkd@therkd.org
[Kye Russell] 0xE44FDDE6 8AA9 BF1D 306F 1CD6 4D2C 95BA 662A 7109 E44F DDE6 me@kyerussell.com
[Russell Stuart] 0xE7843A8C D25D D87D F8EA 9ED1 D146 5023 F523 1C62 E784 3A8C russell-gpg@stuart.id.au
ras@debian.org
russell-debian@stuart.id.au
Christopher Yeoh 0xAAE53307 7D5F DD42 C463 D88F 559E BDF0 3714 8A73 AAE5 3307 cbkyeoh@gmail.com
[James Bromberger] 0x9D85C53C 8591 20FE 0D9F A6A5 B054 C775 AEC8 2874 9D85 C53C jeb@debia.org
jeb@cpan.org
james@rcpt.to
[Delan Azabani] 0x18416AA7 7F21 2455 67B2 3E09 2664 20EF 0548 7476 1841 6AA7 delan@azabani.com
Thomas Chung 0xB18A274C 6951 B594 524C E3A9 3734 494F 17E8 091D B18A 274C thomas@nomology.id.au
thomaschung32@gmail.com
Karl-Johan Karlsson 0x331FAE7D 5893 644B 7783 B5D3 9FD7 F4C6 01BA C4B5 331F AE7D creideiki@lysator.liu.se
creideiki@ferretporn.se

At the event

We will need someone to collate the keys and print them out. Please let us know how many we should print and where to print them.

What we did last year was go to a lecture theatre with a projector. Each person stands up, shows their photo id and read their fingerprint aloud. printouts of everyone's fingerprints were provided so you can tick off as you go This worked ok but took a long time to get through everyone.


Ad hoc Signing

Put your fingerprint on a piece of paper and hand it out to people. No need to do it formally just swap as you meet.

Things to watch out for:

  • does it match thair name
  • Does the person have a key with that fingerprint, do the numbers match.
  • know that anyone can generate a key and claim an email address
  • if someone can be bothered they can keep trying to generate a key with the first 8 digits the same as another key but getting the whole fingerprint is nearly impossible


When you get home

after the event you should have notes of who to trust the next thing to do is sign the key. You can individually sign each key, export the signature and send it to them.

caff is a tool that automates the signing a little. It will sign and send an email (encrypted if possible) containing the signature. It requires some setup but it does make things easier.