[TriLUG] GPG Key signing party

Ed Warnicke hagbard at physics.rutgers.edu
Sun Jan 6 19:40:19 EST 2002 

We could do the following:

1)	Have Tanner gather the keys ( Naturally ).
2)	Have Tanner verify the people at the next meeting.
3)	Have the people verify Tanner ( after all, he should get 
	something out of this ).
4)	Have Tanner go home and sign and upload the keys of the 
	people he has verified and upload them.
5)	Have the das Folk go home and sign Tanner's 
	key and upload it.

While this may be a pain for Tanner, it is quick, get's a lot 
of people at least somewhat trusted, and makes Tanner VERY trusted.

This differs only slightly from the original proposal, anyone who 
trusts Tanner ( and there will then be a great many of them ) 
can decide whether they trust people one removed from Tanner, but 
shouldn't sign the keys without better verification.

Ed
On Sun, 2002-01-06 at 19:31, Kevin - The Alchemist - Sonney wrote:
> On Sun, 2002-01-06 at 18:06, Ed Warnicke wrote:
> > I think that having a general n-way signing event would be more
> > valuable.  Perhaps it would be a better idea to do a meeting on 
> > GPG and signing/encryption, providing enough info for all present 
> > to be able to go home and generate their keys ( if they haven't yet )
> > and then do a normal n-way key signing party next time around, in the 
> > decentrallized format suggested by the Key Signing Party Howto at
> > http://www.cryptnet.net/fdp/crypto/gpg-party.html#toc2 .  
> 
> Hmmm. And we have a meeting opening in a month or two. So, any
> volunteers to talk? *grin*
> 
> > Naturally it would still be a good idea for Tanner to assemble keys of 
> > those interested in participating.
> 
> Naturally.
> 
> > I don't completely object to the process suggested below, but
> > Step 5 of the below suggested proceedure leads to a web of trust 
> > that artificially looks much stronger than it really is, and that I
> > object to strongly.
> 
> I tend to agree that it's not as strong, however, I'm also trying
> balance the needs of the non-gpg inclined among us. I'd love to see
> someone do a meeting on the subject, but, in the mean time, I'd like to
> get this ball rolling now, while there's still some momentum behind it. 
> This is a good starting point, and a good lead-in/teaser for a meeting
> later on. *grin*
> 
> -- 
> --------------------------------------------
> --      Kevin "The Alchemist" Sonney      --
> --  New email : alchemist at darkcanvas.com  --
> --  http://www.darkcanvas.com/~alchemist  --
> --  ICQ: 4855069            AIM: ksonney  --
> --------------------------------------------
> 320C 0336 3BC4 13EC 4AEC  6AF2 525F CED7 7BB6 12C9
> 
> "If you'll read the subtext for many of those old strips, you'll find
> the heart of an old-fashioned Libertarian. And I'd be a Libertarian,
> if they weren't all a bunch of tax-dodging professional whiners."
>   -- Berkley Breathed, 2001

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
URL: <http://www.trilug.org/pipermail/trilug/attachments/20020106/30a9a0ee/attachment.pgp>

More information about the TriLUG mailing list