PGP Key Signing
Table of Contents:
- What's a key-signing party?
- What do I need for this party?
- Other questions about signing keys?
- Other useful PGP links
- What if I still have a question?
September 6 2005
8:00pm to 8:30pm
The 'party' will start at 8:00 pm and go until at least 8:30 pm or so.
C. What's a key-signing party?
A key-signing party is a get-together with PGP users for the purpose of meeting other PGP users and signing each other's keys. This helps to extend the "web of trust" to a great degree. Also, it sometimes serves as a forum to discuss strong cryptography and related issues.
D. What do I need for this party?
- Physical attendance
- Positive picture ID
- Your Key ID, Key type, HEX fingerprint, and Key size
- A pen or pencil
- Generate a key/Remember your pass phrase
- All participants must submit their public keys to the NORLUG Keymaster: <email@example.com>. The Key Master will compile everyone's key information.
- The Key Master prints a list with everyone's key ID, key type, fingerprint, and key size from the compiled keyrings and distributes copies of the printout at the meeting.
- Attend the party. Bring along a paper copy of your key ID, key type, fingerprint, and key size that you obtained from your own keyring. You must also bring along a suitable photo ID. The key master will instruct the participants at the beginning that they are to make two marks on the listing, one for correct key information (key ID, key type, fingerprint, and key size) and one if the ID check is ok.
- At the meeting, each key owner reads his or her key ID, key type, fingerprint, key size, and user ID from their own printout, not from the distributed listing. This is because there could be an error, intended or not, on the listing. This is also the time to tell which ID's to sign or not. If the key information matches your printout then place a check-mark by the key.
- After everyone has read their key ID information, all participants will form a line.
- The first person walks down the line having every person check their ID.
- The second person follows immediately behind the first person and so on.
- If you are satisfied that the person is who they say they are, and that the key on the printout is theirs, you place another check-mark next to their key on your printout.
- Once the first person cycles back around to the front of the line, that person has now checked all the other IDs and ID has been checked by all others.
- After everyone has identified himself or herself the formal part of the meeting is over. You are free to leave or to stay and discuss matters of PGP and privacy (or anything else) with fellow PGP users. If everyone is punctual the formal part of the evening should take less than an hour.
- After confirming that the key information on the key server matches the printout that you have checked, sign the appropriate keys. Keys can only be signed if they have two check-marks.
- Send the signed keys back to the keyserver, and to the keymaster.
- Use those keys as often as possible.
E. Other questions about signing keys?
If you are a complete newbie, and know nothing about PGP keys, etc., check out the GPG for Newbies document from linux.com.
You may want to read the Keysigning Party Howto which includes an explanation of the concepts behind keysigning, instructions for hosting a keysigning party, instructions for participating in a keysinging party, and step by step instructions for signing other's keys.
If you're looking for quick answers you may want to look to the questions and answers from the PGP FAQ. It contains a lot of other good information.
F. Other useful PGP links
A few more links for PGP newbies, or those who wish to re-acquaint themselves.
- <http://www.pgpi.org> -- The International PGP Home Page
- <http://www.pgpi.org/download/> -- Download PGP
- <http://www.gnupg.org> -- GNU PGP (Linux)
- <http://www.pgpi.org/products/tools/search/> -- PGP Tools, Shells, and Plugins
G. What if I still have a question?
If you'd like some help answering it, you can contact the NORLUG Keymaster/event coordinator via email at <firstname.lastname@example.org>.