[TriLUG] GPG Key signing party

[Ed Warnicke]

--=-xYG2pEaVGkMBJrLrRv6C
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

We could do the following:

1)	Have Tanner gather the keys ( Naturally ).
2)	Have Tanner verify the people at the next meeting.
3)	Have the people verify Tanner ( after all, he should get=20
	something out of this ).
4)	Have Tanner go home and sign and upload the keys of the=20
	people he has verified and upload them.
5)	Have the das Folk go home and sign Tanner's=20
	key and upload it.

While this may be a pain for Tanner, it is quick, get's a lot=20
of people at least somewhat trusted, and makes Tanner VERY trusted.

This differs only slightly from the original proposal, anyone who=20
trusts Tanner ( and there will then be a great many of them )=20
can decide whether they trust people one removed from Tanner, but=20
shouldn't sign the keys without better verification.

Ed
On Sun, 2002-01-06 at 19:31, Kevin - The Alchemist - Sonney wrote:
> On Sun, 2002-01-06 at 18:06, Ed Warnicke wrote:
> > I think that having a general n-way signing event would be more
> > valuable.  Perhaps it would be a better idea to do a meeting on=20
> > GPG and signing/encryption, providing enough info for all present=20
> > to be able to go home and generate their keys ( if they haven't yet )
> > and then do a normal n-way key signing party next time around, in the=20
> > decentrallized format suggested by the Key Signing Party Howto at
> > http://www.cryptnet.net/fdp/crypto/gpg-party.html#toc2 . =20
>=20
> Hmmm. And we have a meeting opening in a month or two. So, any
> volunteers to talk? *grin*
>=20
> > Naturally it would still be a good idea for Tanner to assemble keys of=20
> > those interested in participating.
>=20
> Naturally.
>=20
> > I don't completely object to the process suggested below, but
> > Step 5 of the below suggested proceedure leads to a web of trust=20
> > that artificially looks much stronger than it really is, and that I
> > object to strongly.
>=20
> I tend to agree that it's not as strong, however, I'm also trying
> balance the needs of the non-gpg inclined among us. I'd love to see
> someone do a meeting on the subject, but, in the mean time, I'd like to
> get this ball rolling now, while there's still some momentum behind it.=20
> This is a good starting point, and a good lead-in/teaser for a meeting
> later on. *grin*
>=20
> --=20
> --------------------------------------------
> --      Kevin "The Alchemist" Sonney      --
> --  New email : alchemist@darkcanvas.com  --
> --  http://www.darkcanvas.com/~alchemist  --
> --  ICQ: 4855069            AIM: ksonney  --
> --------------------------------------------
> 320C 0336 3BC4 13EC 4AEC  6AF2 525F CED7 7BB6 12C9
>=20
> "If you'll read the subtext for many of those old strips, you'll find
> the heart of an old-fashioned Libertarian. And I'd be a Libertarian,
> if they weren't all a bunch of tax-dodging professional whiners."
>   -- Berkley Breathed, 2001


--=-xYG2pEaVGkMBJrLrRv6C
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQA8OO5zpqzn7Jq4hlARAnx9AKDHrx/D3iiQhJmcSjiqdzg2mqENEQCbBDv8
VFs9tDlFVaCHg+Osv4IQiNg=
=wjzO
-----END PGP SIGNATURE-----

--=-xYG2pEaVGkMBJrLrRv6C--