PGP key signing at NANOG 29 in Chicago [REVISED]

Joe Abley jabley at isc.org
Fri Oct 10 17:37:08 UTC 2003


[the original mail I sent had the wrong date in the third paragraph; 
this one has the right date. sorry about the confusion.]

There will be a brief introduction to PGP key signing presented in the 
General Session at 11:15 a.m. on Monday, entitled "Building a Web of 
Trust".

New for NANOG 29: you will find stickers available at the checkin desk 
which you can stick on your name tag. The red dot means "I sign 
keys"; the idea is to make it easier to identify people for whom PGP 
key signing is interesting when you meet them outside the signing 
party.


Key Signing Party

We will be holding a PGP Key signing party at the NANOG 29 meeting in 
Chicago. We have been scheduled to meet on Monday 20 October, after the 
ISP Security and NSP-SEC BOF, at around 9pm in Salon F. If the BOF runs 
on, we will delay a little.

The procedure we will use at the key signing party is as follows:

1. People who wish to participate should email an ASCII extract of 
their PGP public key to <jabley at isc.org> by noon on Monday 20 October 
2003. Please include a subject line of "NANOG PGP KEY", and please 
avoid MIME-encrypting your e-mail if possible.

The method of generating the ASCII extract under Unix is:

   pgp -kxa my_email_address mykey.asc (pgp 2.6.2)

   pgpk -xa my_email_address > mykey.asc (pgp 5.x)

   gpg --export -a my_email_address > mykey.asc (gpg)

If you're using Windows or Macintosh, hopefully it will be Intuitively 
Obvious (tm) using the GUI interface how to generate an ASCII armored 
key that begins:

   -----BEGIN PGP PUBLIC KEY BLOCK-----

2. After 6pm on Monday, you will be able to fetch a complete key ring 
with all of the keys that were submitted from 
<http://www.isc.org/misc/nanog29.pgp> (an ASCII copy will also be 
available from <http://www.isc.org/misc/nanog29.txt>).

3. At 9pm, come prepared with the PGP Key fingerprint of your PGP 
public key; we will have handouts with all of the key fingerprints of 
the keys that people have mailed in.

4. In turn, readers at the front of the room will recite people's keys; 
as your key fingerprint is read, stand up, and at the end of reading of 
your PGP key fingerprint, acknowledge that the fingerprint as read was 
correct.

5. While everybody is in the room together, it's a good chance to 
verify the identities of people whose key fingerprints you have 
checked, if you don't already know them personally. You might want to 
bring photo id with you (drivers licence, passport, etc) to make it 
easier for other people to confirm your identity.

6. Later that day, or perhaps when you get home, you can sign the keys 
corresponding to the fingerprints which you were able to verify on the 
handout; note that it is advisable that you only sign keys of people 
when you have personal knowledge that the person who stood up during 
the reading of his/her fingerprint really is the person he/she 
claimed to be.

7. Submit the keys you have signed to the PGP keyservers. A good one to 
use is the one at MIT: simply send mail containing the ascii armored 
version of your PGP public key to pgp at pgp.mit.edu.


Note that you don't have to have a laptop with you; if you don't have 
any locally trusted computing resources during the key signing party, 
you can make notes on the handout, and then take the handout home and 
sign the keys later.
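
Added example, not part of the original announcement: one way to carry out step 6 at home is to match the fingerprints ticked on the handout against the downloaded key ring by full fingerprint before signing anything. It assumes the ring has been imported and listed with gpg --with-colons --fingerprint; the listing, the handout notes and all function names below are constructed for illustration.

```python
# Constructed stand-in for `gpg --with-colons --fingerprint` output on the
# imported party key ring; all names, key IDs and fingerprints are made up.
SAMPLE_LISTING = """\
pub:-:1024:17:89ABCDEF01234567:988675200:::-:::scESC:
fpr:::::::::0123456789ABCDEF0123456789ABCDEF01234567:
uid:-::::988675200::::Alice Example <alice@example.net>:
sub:-:2048:16:1122334455667788:988675200::::::e:
fpr:::::::::AAAABBBBCCCCDDDDEEEEFFFF1122334455667788:
pub:-:1024:17:76543210FEDCBA98:1012521600:::-:Bob Example <bob@example.org>::scESC:
fpr:::::::::FEDCBA9876543210FEDCBA9876543210FEDCBA98:
"""
# Constructed handout notes: fingerprints ticked as read back correctly by a
# person whose identity you checked, typed in exactly as printed.
TICKED = [
    "0123 4567 89AB CDEF 0123  4567 89AB CDEF 0123 4567",
    "fedc ba98 7654 3210 fedc  ba98 7654 3210 fedc ba99",  # last digit differs
]

def normalize(fpr):
    """Drop spacing/case; accept only full fingerprints (40 hex v4, 32 hex v3)."""
    compact = "".join(fpr.split()).upper()
    if len(compact) not in (32, 40) or set(compact) - set("0123456789ABCDEF"):
        raise ValueError(f"not a full fingerprint: {fpr!r}")
    return compact

def parse_ring(listing):
    """Map each primary key's fingerprint to its list of user IDs."""
    ring, uids, want_fpr = {}, [], False
    for fields in (line.split(":") for line in listing.splitlines()):
        kind, value = fields[0], fields[9] if len(fields) > 9 else ""
        if kind == "pub":
            uids, want_fpr = ([value] if value else []), True  # old gpg: uid on pub
        elif kind == "sub":
            want_fpr = False          # any fpr that follows is the subkey's
        elif kind == "fpr" and want_fpr:
            ring[normalize(value)], want_fpr = uids, False
        elif kind == "uid" and value:
            uids.append(value)
    return ring

def keys_to_sign(listing, ticked):
    """Split ticked fingerprints into those on the ring and those that are not."""
    ring, signable, unmatched = parse_ring(listing), [], []
    for fpr in map(normalize, ticked):
        if fpr in ring:
            signable.append((fpr, ring[fpr]))
        else:
            unmatched.append(fpr)
    return signable, unmatched
```

A ticked fingerprint that lands in the unmatched list should not be signed until the discrepancy between the handout and the key ring is explained.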



