Skip to topic | Skip to bottom
Home
Search:

Local

Local.PgpKeysigningr1.2 - 12 Jul 2004 - 10:37 - SoniaHamiltontopic end
You are here: Local > ImcSydney > PgpKeysigning
Start of topic | Skip to actions

PGP Keysigning

We will be having a PGP Keysigning at the Indymedia Oceania Conference 2004.

What is a Keysigning?

A keysigning is an occasion where we can organise for a large number of PGP keys to be signed. Keysignings also serve to strengthen the "web of trust". When you get your key signed by others, people can see that and can have more faith that you are who you say you are. As activists, is also good to be able to encrypt email - articles here, here and here discuss why online privacy and encryption is a good thing.

How will it be run/organised?

Before the keysigning

  • Before July 11th, send your ASCII armoured key to sonia-keysign-imc@NOsnowfrogSPAM.net
  • Sometime after July 12th, a list of all the fingerprints will be made available.
  • Before attending the keysigning, verify that your fingerprint is correct by downloading the file keys.txt. Compute the md5 hash of the fingerprint list, and check it equals 808666246ecf2c064440b5a6f2ff2b6a

At the keysigning

  • Bring a hardcopy (printed) of the fingerprint list, and a copy of the md5sum you recorded (from above), as well as some identification (passport, drivers licence)
  • The reader at the front of the room will read out the md5 hash of the fingerprint list. Verify this matches what you have recorded.
  • In turn, each participant will stand and acknowledge that the fingerprint of his or her key listed is correct. Mark the key verified on your hardcopy. Since we already ensured that everybody has the same copy a simple statement like " yes, this information is correct " is sufficient.
  • After this, people can verify each other's identity, by checking passport or drivers licence, or similar.

After the keysigning

  • Check your hardcopy, and go through and sign keys for which you have checked both boxes.
  • Scripts, such as cabot can help with this.

How to send my key?

gpg --armour --export MYKEYID | mail sonia-keysign-imc@NOsnowfrogSPAM.net

How to generate a md5 hash?

Two possible ways: 

$ md5sum keys.txt
   or
$ gpg --print-md md5 keys.txt

EITHER should give a fingerprint of 808666246ecf2c064440b5a6f2ff2b6a

NOTE: the file keys.txt is now available for downloading from the bottom of this page

More Information

-- SoniaHamilton - 26 Jun 2004 -- SoniaHamilton - 12 Jul 2004
to top

End of topic
Skip to action links | Back to top

I Attachment sort Action Size Date Who Comment
keys.txt manage 2.2 K 12 Jul 2004 - 10:36 SoniaHamilton  

Edit | Attach image or document | Printable version | Raw text | More topic actions
Revisions: | r1.2 | > | r1.1 | Total page history | Backlinks
You are here: Local > ImcSydney > PgpKeysigning

to top

Copyright © 1999-2008 by the contributing authors.
All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding this tool? Send feedback (in English, Francais, Deutsch or Dutch).