Viewable With ANY Browser

Note: My Web pages are best viewed with style sheets enabled.

Unrated

This announcement is for an event that was cancelled.
However, it illustrates how a key-signing party might be conducted.

OpenPGP users in
Ventura and Los Angeles Counties, California,
are invited to a PGP key-signing party
on Sunday, 25 January 2009,
CANCELLED
at 11:00 am
at the home of
David Ross
in Oak Park

Please register by 11 January 2009

Light refreshments will be served

OpenPGP Key-Signing Party

Copyright © 2001-2005, 2008 by David E. Ross

Location

Qualified keys

Preparing for the party

The conduct of the party

Registering


Location

Oak Park is an unincorporated community in eastern Ventura County, immediately adjacent to Los Angeles County. The community is reached via the Kanan Rd or Lindero Canyon Blvd off-ramps of the Ventura Freeway (US 101). My house is approximately 2.5 miles north of the freeway.

The following cities are within 10 miles of Oak Park:

The following additional cities are within 20 miles of Oak Park:

I will disclose my address to those who register for the key-signing party by the 11 January deadline.


Registering

*** Begin Right Sidebar ***

Key ID (hex):  

Key fingerprint (hex):

Key size (bits):  

Key type: 
    RSA-v.3 RSA-v.4  DSS/DH

Primary user ID:

Any other user IDs:  

Comments:

*** End Right Sidebar***

To attend this key-signing party, you must register. Download a copy of the contents of the white box at the right (using this link) and paste it into the composition window of your E-mail application.

Edit the message to provide the necessary data. Under Key type, remove the type that does not apply. Please provide the complete user ID, including both your E-mail address and any other text (e.g.: your name). Under Comments, indicate if you want an RSA v.3 key to be handled with the DSS/DH keys; also explain any ADK. For DSS/DH keys, Size should include both key sizes.

Before sending the message, sign the message using the key identified in the registration. Unsigned registrations cannot be accepted.

The message should be sent to me at I am @ david at rossde dot com with the Subject: PGP Key-Signing Party. Please send the message ASCII-formatted and not HTML-formatted.

Please register separately for each public key. This is necessary so that I can verify that you indeed possess each related private key and passphrase.

After the key-signing party, I will delete all registration and RSPV messages.


Qualified Keys

If you wish to participate in this key-signing party, your OpenPGP keys must satisfy the following qualifications:


Preparing for the Party

Here, I describe the behind-the-scenes preparation for the key-signing party. No, you do not have to read this. Although one of the two major uses of OpenPGP is to hide information through encryption, however, assured use of OpenPGP requires that all operations be open for public review.

I am taking the following steps to prepare for the key-signing party:

  1. Install this Web page, describing the party.
  2. Post announcement messages in the alt.security.pgp and comp.security.pgp.discuss newsgroups.
  3. Post second announcement messages in those newsgroups two weeks later.
  4. As a PGP-signed registration message is received:
  5. Close registration on 11 January.
  6. To those who sent RSVP messages (the deadline is 19 January), reply with my home address and phone number and with driving instructions.
  7. Prepare a chart of the key properties on the RSA-only and DSS/DH keyrings and print copies.

The Conduct of the Party

The following substantially repeats the copyrighted information in Kevin W. Herron's Keysigning Party Guide and is used with his permission.

Items required

To participate in this key-signing party:

Having a computer would be a hindrance

We will not be using any computers during the key-signing party.

The process

  1. At the beginning, I will hand out printed copies of the key properties to each attendee.
  2. In turn, each key owner reads the key ID, key type, fingerprint, key size, and user ID from the paper that he brought, not from the distributed listing. This is when each person asserts ownership of his key. If the owner's information matches the printout I distributed, then the other participants place a checkmark by the key. Also, if a key has more than one user ID, the owner should indicate whether those IDs should be signed or only the primary ID should be signed.
  3. After all keys have been identified, the attendees form a line. The first person walks down the line, having the other attendees check her IDs and again identifying her key. Upon reaching the end of the line, that person takes her place in line. The second person follows immediately behind the first person and so on. As long as each attendee checks the IDs of all other attendees, several may be walking down the line at the same time. If you are satisfied that a person is who he says he is, and that the key on the printout is his, you place another checkmark next to his key on your printout. Once the first person cycles back around to the front of the line, she has checked all the other IDs and her ID has been checked by all others.

    On the listing I distribute, two checkmarks for a key mean that the owner of the key has indeed been verified. Attendees should retain their copies of the listing for use in later steps.

  4. After each person has identified himself or herself, the formal part of the meeting is over. You are free to leave or to stay and discuss matters of OpenPGP and privacy (or anything else) with fellow OpenPGP users. If everyone is punctual the formal part of the event should take less than less than an hour.
  5. Afterwards, I will provide a copy of each of the RSA-only and DSS/DH keyrings via my Web site. I will send a message with the URLs to all attendees.

    graphic of page being signed

  6. Each participant is to load the keys from my Web site into his own public keyring. After confirming that the key information on the keyring matches the printout that that was checked, sign the appropriate keys — those that have two checkmarks on the print-out. (With newer versions of PGP, the verification of properties may be done in the Import window prior to adding the keys to the public keyring.)

    NOTE: Keys from the RSA-only keyring should be signed only by other RSA v.3 keys. Keys on the DSS/DH keyring may be signed by both RSA and DSS/DH keys.

  7. Each participant is responsible for uploading the keys he or she signed to a public key server. This should be completed by 1 February (one week after the party).
  8. Allowing a week for signed keys to propagate through the various networks of key servers, participants should wait until 8 February to download the signed keys from public key servers to capture the other signatures from the party. (This is a generous delay. I often see keys propagate in minutes, not days.)

30 November 2008


Valid HTML 4.01