Difference between revisions of "Key signing"

From LCA2014 Delegate Wiki
Jump to: navigation, search
(Getting the keys)
(Getting the keys)
Line 94: Line 94:
As this wiki does not like me uploading text documents I have put them at the url  [http://lca2014.dns.id.au/ lca2014.dns.id.au]
As this wiki does not like me uploading text documents I have put them at the url  [http://lca2014.dns.id.au/ lca2014.dns.id.au]
All the keys concatenated into a file can be downloaded from [http://lca2014.dns.id.au/keyring here]
All the keys concatenated into a file can be downloaded from [http://lca2014.dns.id.au/keyring here]
Below is the md5sum of the keyring:
<pre>f44c1603ca806a1bc4c00e57fb49a8ac  fingerprint
9ff4d079994b93e2c9816020c4f286ce  fingerprint.asc
e6ed4d53ea070f7a5cc1853cdb90ee30  keyring
f86795932e486f916818d30213e99bac  keyring.asc</pre>
Below is the sha512 sum of the keyring
<pre>51a190406f4699ad6655495cafcce4d801c024d501f9caf61a9f1b5b708501c17f0e864ba69da67f3d168708f061cd3a97180b023a7a67b10d33bfd20b2bd3da  fingerprint
c0177a3523b5c51579c41c1f52a4e3b2fb287e351288a421f2a0af9f4ef0ad9cfc690f0c55e5636281cd4b90307539647e881d5961b42c4f45a41982d218ba37  fingerprint.asc
7acb7930af3740b190ceac23614d651ef3042bb57ca77e44eaaa88890cb078b5b75b914444f617c9d4da3fbf5a41b3d31c419829a19b61823d9bc2428a8092c4  keyring
5cf528b7efb74a900964c66d6249f6c52daefe84663e4681ce22cc663af745696fe57011c228fbcfa982e8b4a013992c6cae8989a5a17422427ee6f6b5ce21be  keyring.asc</pre>
== Ad hoc Signing ==
== Ad hoc Signing ==

Latest revision as of 21:15, 7 January 2014


Key signing party

We should have a key signing party, up for suggestions on where and when and what format

Before the event

You need a gpg key to start, create one now! You might as well make it with as big a key size as possible.

gpg --gen-key
gpg --list-secret-keys
gpg --fingerprint FA9EC035

Submitting your key

Enter your key in the below table.

people participating in identification exchange
Real Name Key Id Key Fingerprint Preferred E-mail Address
J Random Person 0x0000000000000000 FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF jrp@example.com

[Mark Atwood] 0x5BB3D38332608126 D37B E0BF 09D3 C69B DDAC 78B5 5BB3 D383 3260 8126 me@mark.atwood.name
[Daniel Sobey] 0xFA9EC035 28F8 2EA3 26A3 7748 EC41 CD28 00D4 08C4 FA9E C035 dns@dns.id.au
[Daniel Sobey] 0x7E706939 9F04 E553 09DA 89A9 44EE EF41 6D34 FF8A 7E70 6939 dns@dns.id.au
[Daniel Sobey] 0x2EC08895 AEAE 53B3 DEE8 1DF9 F28C A657 86F3 A534 2EC0 8895 dns@dns.id.au
[Paul Warren] 0x5341F366208EDB2A DF30 FFE6 CBEE ED60 E340 EEBA 5341 F366 208E DB2A pwarren@pwarren.id.au, paul@thewarrens.name
[Paul Warren] 0x89A45B0613ABFE97 2D60 F3A8 CB31 9C99 F76E 0637 89A4 5B06 13AB FE97 pwarren@pwarren.id.au
[Elizabeth Krumbach Joseph] 0x2FC76319BC2349FC F1A1 2FEF 82A5 666C F9A4 A748 2FC7 6319 BC23 49FC lyz@princessleia.com
[Arkady Gundroff] 0x877D7A54 27A4 1D27 E9B8 5AD7 1C2A 8A86 ECF8 CCDD 877D 7A54 rkd@therkd.org
[Arkady Gundroff] 0x22F75870 2D39 1FA0 84A6 AE66 D525 0805 68B2 320E 22F7 5870 rkd@therkd.org
[Kye Russell] 0xE44FDDE6 8AA9 BF1D 306F 1CD6 4D2C 95BA 662A 7109 E44F DDE6 me@kyerussell.com
[Russell Stuart] 0xE7843A8C D25D D87D F8EA 9ED1 D146 5023 F523 1C62 E784 3A8C russell-gpg@stuart.id.au
Christopher Yeoh 0xAAE53307 7D5F DD42 C463 D88F 559E BDF0 3714 8A73 AAE5 3307 cbkyeoh@gmail.com
[James Bromberger] 0x9D85C53C 8591 20FE 0D9F A6A5 B054 C775 AEC8 2874 9D85 C53C jeb@debian.org
[Delan Azabani] 0x18416AA7 7F21 2455 67B2 3E09 2664 20EF 0548 7476 1841 6AA7 delan@azabani.com
Luke Mercuri 0x1690F8D6 143E 6C0F F6E1 C865 6F71 F5A4 243D 179F 1690 F8D6 mercluke@mercluke.net
Thomas Chung 0xB18A274C 6951 B594 524C E3A9 3734 494F 17E8 091D B18A 274C thomas@nomology.id.au
Karl-Johan Karlsson 0x331FAE7D 5893 644B 7783 B5D3 9FD7 F4C6 01BA C4B5 331F AE7D creideiki@lysator.liu.se
Brendan O'Dea 0xEBDDBB60 52D5 B159 3D7F D914 6A5A 6307 1C7C 41ED EBDD BB60 bod@debian.org
Nathan Rickerby 0xC99822D9 E123 4567 F324 185C 70B4 DF2C 2542 D563 C998 22D9 nathan@rickerby.id.au
Anibal Monsalve Salazar 0x947897D8
C604 5C81 3887 B77C 2DFF 97A5 7C56 ACFE 9478 97D8
83C5 0FF1 7534 757A 89D1 6988 0348 02C7 ACA4 350A
Jason Lewis 0x505E764E B10B 2E72 BB30 FE47 ABC2 F1B9 FA57 1EC7 505E 764E jason@dickson.st
Russell Keith-Magee 0x37BB5BC3 CBE7 4366 F6CA 0A0D 4BA7 D2F8 3D2D AB6A 37BB 5BC3 russell@keith-magee.com
Geordie Millar 0x417605A7 BB70 1BC9 41C7 09AC FFBD 5E14 8A0F 973C 4176 05A7 gm@stackunderflow.com
Sage Weil 0x288995C8 ED53 CB8A 53A2 DE42 87C9 AE98 DA44 20ED 2889 95C8 sage@newdream.net
Adam Baxter 0xF14914D3 C479 701B BB7A 73A2 F324 CAAF 266E 8B7D F149 14D3 voltagex@voltagex.org
Nick Bannon 0x40596887 8725 9E9B 6358 BFFD 5E4B 4D4B 0F03 907C 4059 6887 nick-gpg@rcpt.to

At the event

We will need someone to collate the keys and print them out. Please let us know how many we should print and where to print them.

What we did last year was go to a lecture theatre with a projector. Each person stands up, shows their photo id and read their fingerprint aloud. printouts of everyone's fingerprints were provided so you can tick off as you go This worked ok but took a long time to get through everyone.

Getting the keys

Most of the keys should be available through public key servers, for your convenience I (Daniel) have collected the keys into one place. As this wiki does not like me uploading text documents I have put them at the url lca2014.dns.id.au All the keys concatenated into a file can be downloaded from here

Below is the md5sum of the keyring:

f44c1603ca806a1bc4c00e57fb49a8ac  fingerprint
9ff4d079994b93e2c9816020c4f286ce  fingerprint.asc
e6ed4d53ea070f7a5cc1853cdb90ee30  keyring
f86795932e486f916818d30213e99bac  keyring.asc

Below is the sha512 sum of the keyring

51a190406f4699ad6655495cafcce4d801c024d501f9caf61a9f1b5b708501c17f0e864ba69da67f3d168708f061cd3a97180b023a7a67b10d33bfd20b2bd3da  fingerprint
c0177a3523b5c51579c41c1f52a4e3b2fb287e351288a421f2a0af9f4ef0ad9cfc690f0c55e5636281cd4b90307539647e881d5961b42c4f45a41982d218ba37  fingerprint.asc
7acb7930af3740b190ceac23614d651ef3042bb57ca77e44eaaa88890cb078b5b75b914444f617c9d4da3fbf5a41b3d31c419829a19b61823d9bc2428a8092c4  keyring
5cf528b7efb74a900964c66d6249f6c52daefe84663e4681ce22cc663af745696fe57011c228fbcfa982e8b4a013992c6cae8989a5a17422427ee6f6b5ce21be  keyring.asc

Ad hoc Signing

Put your fingerprint on a piece of paper and hand it out to people. No need to do it formally just swap as you meet.

Things to watch out for:

  • does it match thair name
  • Does the person have a key with that fingerprint, do the numbers match.
  • know that anyone can generate a key and claim an email address
  • if someone can be bothered they can keep trying to generate a key with the first 8 digits the same as another key but getting the whole fingerprint is nearly impossible

When you get home

after the event you should have notes of who to trust the next thing to do is sign the key. You can individually sign each key, export the signature and send it to them.

caff is a tool that automates the signing a little. It will sign and send an email (encrypted if possible) containing the signature. It requires some setup but it does make things easier.