ghm-discuss
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Ghm-discuss] Last chance to participate in keysigning


From: beuc
Subject: Re: [Ghm-discuss] Last chance to participate in keysigning
Date: Fri, 8 Aug 2014 21:44:41 +0200
User-agent: Mutt/1.5.21 (2010-09-15)

Hi,

I didn't receive any confirmation that my key was taken into account
(I sent it a while ago now), and you mention that the keyring will be
finalized after the August 10 dead-line, so...  Is there a way to
ensure everything's OK ? :)

- Sylvain

On Fri, Aug 08, 2014 at 12:38:13PM +0200, address@hidden wrote:
> [ You are receiving this email because you have registered to attend
> the GNU Hackers' Meeting in August 2014. ]
> 
> At GHM 2014, like last year, there will be a keysigning party.
> We will use the Sassaman-Efficient method. See
> http://www.keysigning.org/methods/sassaman-efficient 
> The keyring will be finalised and published next week.
> If you want to participage you must submit your key 
> NO LATER THAN Sunday 10 August 2014 
> Participation, is of course optional, but highly recommended.
> 
> Why would I want to participate?
> ================================
> 
> Two possible reasons:  a) to get your GPG key signed by others; b) to
> verify the keys of other participants.
> 
> Why would I want my key to be signed?
> =====================================
> 
> Having your key signed by as many people as possible makes it harder
> for people to impersonate you on the internet.
> 
> Why would I want to sign other people's keys?
> =============================================
> 
> If you have signed the key of another person, then when you receive
> a signed email from that person, you know it really is from him/her 
> and has not been altered.  Also, GNU Projects use the developers' key
> to sign the source tarballs.  Thus, when you download GNU software and
> you have signed the developers' key, you can be certain that the
> package has not been tampered with.
> 
> How do I participate?
> =====================
> 
> If you wish to participate in the keysigning, email your ascii
> armoured public key to address@hidden with the subject "KEYSIGNING"
> You must do this NO LATER THAN Sunday 10 August 2014 !!!!!!!!
> Use the command:
> 
>  gpg --armor --export substitute-your-key-id | mail -s "KEYSIGNING" 
> address@hidden
> 
> (You can find your own key using the command: gpg --list-secret-keys)
> 
> A week before the event, we will publish the list of keys and the SHA1
> and MD5 checksums.  You should print out the list, and verify the
> checksum of your own key, and the checksum of the list.  Then bring
> that list with you, having first physically signed  or otherwise
> marked all pages such that you will know they have not been substituted.
> 
> You should also bring with you a recognised form of government issued
> photographic identification (eg: passport, government identity card, etc).
> 
> One aspect of this method which is often misunderstood, is that it is
> essential that the participants bring their *own* printed copy of the list. 
> THERE WILL BE NO COPIES DISTRIBUTED AT THE MEETING.  To do so would 
> defeat its purpose.
> 
> What the hell is a GPG key? I don't understand any of the above.
> ================================================================
> 
> GPG is the GNU Privacy Guard.  It is one measure of defence against
> spying on the internet (by government bodies or anyone else).  It
> helps defend yourself against viruses, spywarem, faked email and other
> attacks.  
> 
> If you haven't got a GPG key, you can create your own.  Find out how
> to do this at https://gnupg.org/gph/en/manual.html
> 
> 
> We look forward to meeting you at GHM 2014!



reply via email to

[Prev in Thread] Current Thread [Next in Thread]