60th IETF PGP Key Signing Party for San Diego

Jeffrey Hutzelman <jhutz@cmu.edu> Wed, 04 August 2004 16:25 UTC

Received: from ietf-mx.ietf.org (ietf-mx.ietf.org []) by ietf.org (8.9.1a/8.9.1a) with ESMTP id MAA15420; Wed, 4 Aug 2004 12:25:52 -0400 (EDT)
Received: from megatron.ietf.org ([]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1BsOdl-0002eD-58; Wed, 04 Aug 2004 12:29:21 -0400
Received: from localhost.localdomain ([] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1BsOBu-0003kJ-4m; Wed, 04 Aug 2004 12:00:34 -0400
Received: from odin.ietf.org ([] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1Bs5xn-00075g-0o for ietf-announce@megatron.ietf.org; Tue, 03 Aug 2004 16:32:47 -0400
Received: from ietf-mx.ietf.org (ietf-mx.ietf.org []) by ietf.org (8.9.1a/8.9.1a) with ESMTP id QAA09621 for <ietf-announce@ietf.org>; Tue, 3 Aug 2004 16:32:45 -0400 (EDT)
Received: from opene-130-129-130-197.ietf60.ietf.org ([] helo=liandra.pc.cs.cmu.edu) by ietf-mx.ietf.org with smtp (Exim 4.33) id 1Bs60u-0000rl-R3 for ietf-announce@ietf.org; Tue, 03 Aug 2004 16:36:02 -0400
Received: from liandra.pc.cs.cmu.edu ([]) by liandra.pc.cs.cmu.edu id aa30981; 3 Aug 2004 13:32 PDT
Date: Tue, 03 Aug 2004 13:32:26 -0700
From: Jeffrey Hutzelman <jhutz@cmu.edu>
To: ietf-announce@ietf.org
Message-ID: <94380000.1091565146@liandra.pc.cs.cmu.edu>
X-Mailer: Mulberry/3.0.3 (Linux/x86)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 0fa76816851382eb71b0a882ccdc29ac
Content-Transfer-Encoding: 7bit
X-Mailman-Approved-At: Wed, 04 Aug 2004 12:00:32 -0400
Subject: 60th IETF PGP Key Signing Party for San Diego
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: ietf-announce.ietf.org
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
Sender: ietf-announce-bounces@ietf.org
Errors-To: ietf-announce-bounces@ietf.org
X-Spam-Score: 0.0 (/)
X-Scan-Signature: b280b4db656c3ca28dd62e5e0b03daa8
Content-Transfer-Encoding: 7bit

Once again, we will be holding a PGP Key signing party at the IETF
meeting in San Diego.  We have been scheduled to meet at 10:30pm on
the evening of Wednesday, August 3, 2004 in the 'Marina 5' room.
(Note that if the IETF Business Meeting Plenary runs over, we will start
approximately 5 minutes *after* the Wednesday evening Plenary finishes.)
The procedure we will use is the following:

o People who wish to participate may do so in one of two ways. You may
  bring slips of paper with your name, e-mail address, key-id, and key
  fingerprint. (One way of generating this if using gpg is "gpg
  --list-keys --fingerprint my_username@hostname") You should bring
  enough for everyone who may attend; given recent attendance patterns,
  between 20 and 50 should be plenty. (You can generally fit 10-12
  strips containing your key fingerprint on a single sheet of paper, and
  then cut out strips to hand out.)

o Alternatively, you may email an ASCII extract of their PGP public key
  to <jhutz@cmu.edu> by noon on Wednesday, August 3, 2004. Please
  include a subject line of "IETF PGP KEY", and please DO NOT
  MIME-ENCRYPT your e-mail. Send it to me as plain text, and do NOT
  base-64 encode things. (My process is not quite as automated as Ted's,
  so I'll probably be able to notice and fix any problems, but it's
  better not to take chances).

  The method of generating the ASCII extract under Unix is:

     pgp -kxa my_email_address mykey.asc (pgp 2.6.2)
     pgpk -xa my_email_address > mykey.asc (pgp 5.x)
     gpg --export -a my_email_address > mykey.asc (gpg)

  If you're using Windows or Macintosh, hopefully it will be Intuitively
  Obvious (tm) using the GUI interface how to generate an ASCII armored
  key that begins "-----BEGIN PGP PUBLIC KEY BLOCK-----".

o By 9pm on Wednesday, you will be able to fetch complete key ring
  from any of the following locations with all of the keys that were


o At 10:30pm, come prepared with the PGP Key fingerprint of your PGP
  public key; we will have handouts with all of the key fingerprints of
  the keys that people have mailed in.

o In turn, readers at the front of the room will recite people's keys;
  as your key fingerprint is read, stand up, and at the end of reading
  of your PGP key fingerprint, acknowledge that the fingerprint as read
  was correct.

o Later that evening, or perhaps when you get home, you can sign the
  keys corresponding to the fingerprints which you were able to verify
  on the handout; note that it is advisable that you only sign keys of
  people when you have personal knowledge that the person who stood up
  during the reading of his/her fingerprint really is the person which
  he/she claimed to be.

o Send the signed keys to the owners, and, optionally, to the PGP key
  servers. Some poeple opt to NOT send the signed keys to the
  keyservers, but rather choose to send them only to the e-mail address
  on the key's userid, encrypted for that particular key. This tends to
  ensures the validity of the e-mail address.

Note that you don't have to have a laptop with you; if you don't have
any locally trusted computing resources during the key signing party,
you can make notes on the handout, and on the strips of papers, and then
take these and sign the keys later.

Acknowledgement: The bulk of the text of this message was taken from the
messages usually sent by Ted Ts'o to announce IETF key signing parties.

-- Jeffrey T. Hutzelman (N3NHS) <jhutz+@cmu.edu>
   Sr. Research Systems Programmer
   School of Computer Science - Research Computing Facility
   Carnegie Mellon University - Pittsburgh, PA

IETF-Announce mailing list