[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Octconf Key Signing Party
|
From: |
Mike Miller |
|
Subject: |
Re: Octconf Key Signing Party |
|
Date: |
Wed, 27 Aug 2014 10:10:03 -0700 |
|
User-agent: |
Mutt/1.5.23 (2014-03-12) |
On Wed, Aug 27, 2014 at 11:30:05 -0400, John W. Eaton wrote:
> On 08/27/2014 11:01 AM, Rik wrote:
> >I have PGP keys that could be signed, but two is still not quite a
> >party. If we get a few more yesses then I think we should add it.
Even if there are not enough to warrant a "party", I would still be
interested in doing a one-on-one key exchange with whoever wants to.
Fewer people means it only takes a minute or two :)
> I'd join in, but first I think I should generate a new key(?) because the
> last time I took my current key to a key signing party, people were telling
> me that they wouldn't sign 1024D keys.
Yes, that would be a good idea. The Debian keyring team keeps a good
tutorial for creating stronger 4096R keys and SHA-2 signatures:
http://keyring.debian.org/creating-key.html
You can then sign your new key with your old key, so for those who do
trust your old 1024D key, there is a trust path to your new key. I would
probably not sign the old key with the new key, however.
On Wed, Aug 27, 2014 at 17:19:52 +0200, Juan Pablo Carbajal wrote:
| That's a cool idea! I am sorry I can't go to Octconf...anyway of extending
| the party over the net?
Unfortunately not. Doing it in person permits me to verify that you are
in fact a real person who claims to control a particular key and that
you are in fact the individual that you say you are, typically by way of
a government-issued passport or other photo ID.
Good questions, keep them coming, I am happy to answer, and happy to see
there is some small interest so far :)
--
mike
signature.asc
Description: Digital signature