Re: pgp signing in van
Scott Kitterman <scott@kitterman.com> Sat, 07 September 2013 01:43 UTC
Return-Path: <scott@kitterman.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C0E2521F8AD5 for <ietf@ietfa.amsl.com>; Fri, 6 Sep 2013 18:43:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nbLQh7b-VEP2 for <ietf@ietfa.amsl.com>; Fri, 6 Sep 2013 18:43:25 -0700 (PDT)
Received: from mailout03.controlledmail.com (mailout03.controlledmail.com [208.43.65.50]) by ietfa.amsl.com (Postfix) with ESMTP id 9F17421F8267 for <ietf@ietf.org>; Fri, 6 Sep 2013 18:43:25 -0700 (PDT)
Received: from mailout03.controlledmail.com (localhost [127.0.0.1]) by mailout03.controlledmail.com (Postfix) with ESMTP id E20E0956001; Fri, 6 Sep 2013 21:43:23 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=kitterman.com; s=2007-00; t=1378518204; bh=dsn1JY5tgcHzDbxKJQdGBLAlfutKtMP7gEjU2AOiFpM=; h=In-Reply-To:References:Subject:From:Date:To:From; b=jl3uhn46ZH6Bnze3dvJ9NP44ztuip5ZtQcdPy7r4r3AWRajhb7Ni/aNC9nhLgtLHI 68rChzhClsQ4ufgr1LM5CaK47DcEfizq4kStIfGfS1CqhRcAbcaQseZo4G/+Tfqjby ohe6q6eOnDhFFt3MhfLJ55SoIxpl+O2xkg/H2MS8=
Received: from [192.168.111.106] (static-72-81-252-21.bltmmd.fios.verizon.net [72.81.252.21]) (using TLSv1 with cipher RC4-MD5 (128/128 bits)) (No client certificate requested) by mailout03.controlledmail.com (Postfix) with ESMTPSA id 746B6D0404D; Fri, 6 Sep 2013 21:43:23 -0400 (EDT)
User-Agent: K-9 Mail for Android
In-Reply-To: <CAMm+Lwg6PGBLHvXrsNMhF-9Z_fSEo-+CWO-gdJedxk-Za62OVw@mail.gmail.com>
References: <m2zjrq22wp.wl%randy@psg.com> <2309.1378487864@sandelman.ca> <522A5A45.7020208@isi.edu> <CAMm+Lwg6PGBLHvXrsNMhF-9Z_fSEo-+CWO-gdJedxk-Za62OVw@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 8bit
Subject: Re: pgp signing in van
From: Scott Kitterman <scott@kitterman.com>
Date: Fri, 06 Sep 2013 21:43:41 -0400
To: IETF Disgust <ietf@ietf.org>
Message-ID: <f1de5fb1-677d-4bcc-b8fd-4cb97f03e963@email.android.com>
X-AV-Checked: ClamAV using ClamSMTP
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 07 Sep 2013 01:43:30 -0000
Phillip Hallam-Baker <hallam@gmail.com> wrote: >On Fri, Sep 6, 2013 at 6:42 PM, Joe Touch <touch@isi.edu> wrote: > >> >> >> On 9/6/2013 10:17 AM, Michael Richardson wrote: >> >>> >>> I will be happy to participate in a pgp signing party. >>> Organized or not. >>> >>> I suggest that an appropriate venue is during the last 15 minutes of >the >>> newcomer welcome and the first 15 minutes of the welcome reception. >>> >>> Because: >>> 1) the WG-chairs and IESG will all be there, and a web of trust >>> still needs some significant good connectivity, and we already >>> know each other rather well, without needing "ID" >>> (I am not interested myself in verifying anyone's >NSA^WGovernment >>> identity. I don't trust that Certification Authority...) >>> >>> 2) getting newbies on-board, meeting them well enough to sign >>> their key seems like a good thing. >>> >> >> And whose key would you sign? Anyone who showed up with a form of ID? >> >> I've noted elsewhere that the current typical key-signing party >methods >> are very weak. You should sign only the keys of those who you know >well >> enough to claim you can attest to their identity. >> >> If that's the case, how will this get newbies on-board except to >invite >> them to have keys whose signatures aren't relevant, and to devalue >the >> trust in WG-chairs and IESG members? >> >> Joe >> > >I can write a key ceremony spec. I have done that before. > >Almost everyone arriving in Vancouver will have a passport in any case. >The >protocol will probably be something like provide your key etc data in >advance, print something out and present that plus your ID document in >the >ceremony. Here's one approach that works reasonably well: http://www.debian.org/events/keysigning The scripts in the mentioned signing party package make things much easier. Scott K
- Re: pgp signing in van Scott Kitterman
- Re: pgp signing in van Scott Kitterman
- Re: pgp signing in van Melinda Shore
- pgp signing in van Randy Bush
- Re: pgp signing in van Phillip Hallam-Baker
- Re: pgp signing in van Dave Crocker
- Re: pgp signing in van Scott Kitterman
- RE: pgp signing in van l.wood
- Re: pgp signing in van Russ Housley
- Re: pgp signing in van Michael Richardson
- Re: pgp signing in van Peter Saint-Andre
- Re: pgp signing in van Phillip Hallam-Baker
- Re: pgp signing in van Ted Lemon
- Re: pgp signing in van Joe Touch
- Re: pgp signing in van Phillip Hallam-Baker
- Re: pgp signing in van Phillip Hallam-Baker
- Re: pgp signing in van Ted Lemon
- Re: pgp signing in van Melinda Shore
- Re: pgp signing in van Ted Lemon
- Re: pgp signing in van Melinda Shore
- Re: pgp signing in van Joe Touch
- Re: pgp signing in van Scott Kitterman
- Re: pgp signing in van Phillip Hallam-Baker
- Re: pgp signing in van Ted Lemon
- Re: pgp signing in van Scott Brim
- Re: pgp signing in van Ted Lemon
- Re: pgp signing in van Melinda Shore
- Re: pgp signing in van Ted Lemon
- Re: pgp signing in van Melinda Shore
- Re: pgp signing in van Ted Lemon
- Re: pgp signing in van Pete Resnick
- Re: pgp signing in van Theodore Ts'o
- Re: pgp signing in van Hector Santos
- Re: pgp signing in van Phillip Hallam-Baker
- Re: pgp signing in van Hector Santos
- Re: pgp signing in van John C Klensin
- Re: pgp signing in van Michael Richardson
- Re: pgp signing in van Michael Richardson
- Re: pgp signing in van Ted Lemon
- Re: pgp signing in van Peter Saint-Andre
- Re: pgp signing in van Hector Santos
- Re: pgp signing in van Peter Saint-Andre
- Re: pgp signing in van Måns Nilsson
- RE: pgp signing in van l.wood
- Re: pgp signing in van Anshuman Pratap Chaudhary
- Re: pgp signing in van Måns Nilsson
- Re: pgp signing in van Brian Trammell
- Re: pgp signing in van Andrew Sullivan
- Re: pgp signing in van Cyrus Daboo
- Re: pgp signing in van Peter Saint-Andre
- Re: pgp signing in van Michael Richardson
- Re: pgp signing in van John Levine
- Re: pgp signing in van David Conrad
- Re: pgp signing in van Ted Lemon
- Re: pgp signing in van Peter Saint-Andre
- Re: pgp signing in van Richard Barnes
- Re: pgp signing in van Scott Brim
- Re: [IETF] Re: pgp signing in van Warren Kumari
- What real users think [was: Re: pgp signing in va… Brian E Carpenter
- Re: pgp signing in van Dan York
- Re: What real users think [was: Re: pgp signing i… Dave Crocker
- Re: pgp signing in van Ted Lemon
- Re: What real users think [was: Re: pgp signing i… Steve Crocker
- Re: What real users think [was: Re: pgp signing i… Ted Lemon
- Re: What real users think [was: Re: pgp signing i… Dave Crocker
- Re: What real users think [was: Re: pgp signing i… Hector Santos
- Re: What real users think [was: Re: pgp signing i… Steve Crocker
- Re: pgp signing in van Ted Lemon
- Re: What real users think [was: Re: pgp signing i… Brian E Carpenter
- Re: What real users think [was: Re: pgp signing i… John C Klensin
- Re: What real users think [was: Re: pgp signing i… Ted Lemon
- Re: pgp signing in van David Morris
- Re: What real users think [was: Re: pgp signing i… SM
- Re: What real users think [was: Re: pgp signing i… Dave Crocker
- Re: pgp signing in van Ted Lemon
- Re: What real users think [was: Re: pgp signing i… Ted Lemon
- Re: What real users think [was: Re: pgp signing i… Ted Lemon
- Re: not really pgp signing in van John Levine
- Re: not really pgp signing in van Ted Lemon
- Re: What real users think [was: Re: pgp signing i… John R. Levine
- Re: pgp signing in van Arturo Servin
- Re: not really pgp signing in van Scott Kitterman
- Re: What real users think [was: Re: pgp signing i… Phillip Hallam-Baker
- Re: not really pgp signing in van John Levine
- Re: What real users think [was: Re: pgp signing i… John Levine
- Re: not really pgp signing in van Ted Lemon
- Re: not really pgp signing in van John R Levine
- Re: not really pgp signing in van Ted Lemon
- Re: not really pgp signing in van John R Levine
- Re: What real users think [was: Re: pgp signing i… Fernando Gont
- Re: pgp signing in van Fernando Gont
- Re: pgp signing in van Ted Lemon
- Re: not really pgp signing in van Brian Trammell
- Re: pgp signing in van t.p.
- Re: not really pgp signing in van Måns Nilsson
- Re: pgp signing in van Ted Lemon
- the evil of html was Re: pgp signing in van t.p.
- Re: not really pgp signing in van Phillip Hallam-Baker
- Re: pgp signing in van Paul Wouters
- Re: not really pgp signing in van Ted Lemon
- Re: not really pgp signing in van Phillip Hallam-Baker
- Re: not really pgp signing in van Ted Lemon
- Re: not really pgp signing in van Martin Thomson
- Re: not really pgp signing in van Phillip Hallam-Baker
- Re: not really pgp signing in van John R Levine
- Re: not really pgp signing in van manning bill
- Re: not really pgp signing in van Ted Lemon
- Re: not really pgp signing in van Theodore Ts'o
- Re: not really pgp signing in van Phillip Hallam-Baker
- Re: not really pgp signing in van Ted Lemon
- Re: not really pgp signing in van Yoav Nir
- was: not really pgp signing in van SM
- Re: was: not really pgp signing in van Phillip Hallam-Baker