80th IETF - PGP Key Signing
Jeffrey Hutzelman <jhutz@cmu.edu> Fri, 25 March 2011 19:51 UTC
Return-Path: <jhutz@cmu.edu>
X-Original-To: ietf-announce@core3.amsl.com
Delivered-To: ietf-announce@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A692A3A6838 for <ietf-announce@core3.amsl.com>; Fri, 25 Mar 2011 12:51:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.299
X-Spam-Level:
X-Spam-Status: No, score=-106.299 tagged_above=-999 required=5 tests=[AWL=-0.300, BAYES_00=-2.599, J_CHICKENPOX_21=0.6, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HB-n-1PQC4om for <ietf-announce@core3.amsl.com>; Fri, 25 Mar 2011 12:51:24 -0700 (PDT)
Received: from smtp03.srv.cs.cmu.edu (SMTP03.SRV.CS.CMU.EDU [128.2.217.198]) by core3.amsl.com (Postfix) with ESMTP id 419D53A682D for <ietf-announce@ietf.org>; Fri, 25 Mar 2011 12:51:23 -0700 (PDT)
Received: from [128.2.216.200] (DESTINY.PC.CS.CMU.EDU [128.2.216.200]) (authenticated bits=0) by smtp03.srv.cs.cmu.edu (8.13.6/8.13.6) with ESMTP id p2PJqvld022372 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <ietf-announce@ietf.org>; Fri, 25 Mar 2011 15:52:58 -0400 (EDT)
Subject: 80th IETF - PGP Key Signing
From: Jeffrey Hutzelman <jhutz@cmu.edu>
To: ietf-announce@ietf.org
Content-Type: text/plain; charset="UTF-8"
Date: Fri, 25 Mar 2011 15:52:59 -0400
Message-ID: <1301082779.30972.2.camel@destiny>
Mime-Version: 1.0
X-Mailer: Evolution 2.30.3
Content-Transfer-Encoding: 7bit
X-Scanned-By: mimedefang-cmuscs on 128.2.217.198
X-Mailman-Approved-At: Sun, 27 Mar 2011 06:13:47 -0700
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: jhutz@cmu.edu
List-Id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf-announce>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 25 Mar 2011 19:51:25 -0000
Once again, we will be holding a PGP Key signing party at the 80th IETF meeting in Prague. We have been scheduled to meet at 1815 on the evening of Tuesday, March 29 in the Barcelona/Berlin rooms. Note that we have a very tight time-slot between the last afternoon session and the IETF social event, so please be on time. The procedure we will use is the following: o People who wish to participate may do so in one of two ways. You may bring slips of paper with your name, e-mail address, key-id, and key fingerprint. (One way of generating this if using gpg is "gpg --list-keys --fingerprint my_username@hostname") You should bring enough for everyone who may attend; given recent attendance patterns, around 50 should be more than enough. (You can generally fit 10-12 strips containing your key fingerprint on a single sheet of paper, and then cut out strips to hand out.) o Alternatively, you may email an ASCII extract of their PGP public key to <jhutz@cmu.edu> by noon on Tuesday, March 29. Please include a subject line of "IETF PGP KEY", and please DO NOT MIME-ENCRYPT your e-mail; send it to me as plain text. The method of generating the ASCII extract under Unix is: pgp -kxa my_email_address mykey.asc (pgp 2.6.2) pgpk -xa my_email_address > mykey.asc (pgp 5.x) gpg --export -a my_email_address > mykey.asc (gpg) If you're using Windows or Macintosh, hopefully it will be Intuitively Obvious (tm) using the GUI interface how to generate an ASCII armored key that begins "-----BEGIN PGP PUBLIC KEY BLOCK-----". o By 1600 on Tuesday, you will be able to fetch complete key ring from any of the following locations with all of the keys that were submitted: /afs/grand.central.org/project/ietf-pgp/ietf80/ietf80.pgp http://grand.central.org/dl/ietf-pgp/ietf80/ietf80.pgp ftp://grand.central.org/pub/ietf-pgp/ietf80/ietf80.pgp o At 1815, come prepared with the PGP Key fingerprint of your PGP public key; we will have handouts with all of the key fingerprints of the keys that people have mailed in. o In turn, readers at the front of the room will recite people's keys; as your key fingerprint is read, stand up, and at the end of reading of your PGP key fingerprint, acknowledge that the fingerprint as read was correct. o Later that evening, or perhaps when you get home, you can sign the keys corresponding to the fingerprints which you were able to verify on the handout; note that it is advisable that you only sign keys of people when you have personal knowledge that the person who stood up during the reading of his/her fingerprint really is the person which he/she claimed to be. o Send the signed keys to the owners, and, optionally, to the PGP key servers. Some people opt to NOT send the signed keys to the keyservers, but rather choose to send them only to the e-mail address on the key's userid, encrypted for that particular key. This tends to ensures the validity of the e-mail address. Note that you don't have to have a laptop with you; if you don't have any locally trusted computing resources during the key signing party, you can make notes on the handout, and on the strips of papers, and then take these and sign the keys later. Acknowledgment: The bulk of the text of this message was taken from the messages usually sent by Ted Ts'o to announce IETF key signing parties. -- Jeffrey T. Hutzelman (N3NHS) <jhutz+@cmu.edu> Sr. Research Systems Programmer School of Computer Science - Research Computing Facility Carnegie Mellon University - Pittsburgh, PA
- 80th IETF - PGP Key Signing Jeffrey Hutzelman