[TriLUG] GPG Key signing party
06 Jan 2002 19:40:19 -0500
We could do the following:
1) Have Tanner gather the keys ( Naturally ).
2) Have Tanner verify the people at the next meeting.
3) Have the people verify Tanner ( after all, he should get=20
something out of this ).
4) Have Tanner go home and sign and upload the keys of the=20
people he has verified and upload them.
5) Have the das Folk go home and sign Tanner's=20
key and upload it.
While this may be a pain for Tanner, it is quick, get's a lot=20
of people at least somewhat trusted, and makes Tanner VERY trusted.
This differs only slightly from the original proposal, anyone who=20
trusts Tanner ( and there will then be a great many of them )=20
can decide whether they trust people one removed from Tanner, but=20
shouldn't sign the keys without better verification.
On Sun, 2002-01-06 at 19:31, Kevin - The Alchemist - Sonney wrote:
> On Sun, 2002-01-06 at 18:06, Ed Warnicke wrote:
> > I think that having a general n-way signing event would be more
> > valuable. Perhaps it would be a better idea to do a meeting on=20
> > GPG and signing/encryption, providing enough info for all present=20
> > to be able to go home and generate their keys ( if they haven't yet )
> > and then do a normal n-way key signing party next time around, in the=20
> > decentrallized format suggested by the Key Signing Party Howto at
> > http://www.cryptnet.net/fdp/crypto/gpg-party.html#toc2 . =20
> Hmmm. And we have a meeting opening in a month or two. So, any
> volunteers to talk? *grin*
> > Naturally it would still be a good idea for Tanner to assemble keys of=20
> > those interested in participating.
> > I don't completely object to the process suggested below, but
> > Step 5 of the below suggested proceedure leads to a web of trust=20
> > that artificially looks much stronger than it really is, and that I
> > object to strongly.
> I tend to agree that it's not as strong, however, I'm also trying
> balance the needs of the non-gpg inclined among us. I'd love to see
> someone do a meeting on the subject, but, in the mean time, I'd like to
> get this ball rolling now, while there's still some momentum behind it.=20
> This is a good starting point, and a good lead-in/teaser for a meeting
> later on. *grin*
> -- Kevin "The Alchemist" Sonney --
> -- New email : firstname.lastname@example.org --
> -- http://www.darkcanvas.com/~alchemist --
> -- ICQ: 4855069 AIM: ksonney --
> 320C 0336 3BC4 13EC 4AEC 6AF2 525F CED7 7BB6 12C9
> "If you'll read the subtext for many of those old strips, you'll find
> the heart of an old-fashioned Libertarian. And I'd be a Libertarian,
> if they weren't all a bunch of tax-dodging professional whiners."
> -- Berkley Breathed, 2001
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
-----END PGP SIGNATURE-----