PGP Keysigning
From What The Wiki?!
Contents |
Latest News
|
List frozen and available for download! Since noone was attempting to take over the coordination I (Sebastian Krohn) will try to get it going. There is now the final list available for download. (Sorry for some messed up characters. Please blame the Perl script ;-)) What you - as a participant - should now do is:
MD5 (list.html) = d7 43 4d fe 13 9a a6 5b e4 .. .. .. .. .. .. .. SHA1 (list.html) = f89b 3fa6 d980 39b6 d75d .... .... .... .... ....
When will all this take part? It's scheduled for day 3, 18:00 in Tent 4. I think we should start with the Keysigning at about 18:15?
I will bring some extra printouts with me. Don't panic. Help! I was too late putting my key on the list The you still have a chance of getting signed and sign others' key:
After that you can sign the keys on the list and others can sign yours if you handed them a paper stripe. Sorry but we have to put a deadline if this should not end in chaos. |
What and why?
The basic idea of this page is to organize a big PGP key signing party at WTH.
The main intentention of a keysigning is to improve your personal web of trust. When you create a PGP-key, nobody knows if it really belongs to you. (You can create keys for any name you want.) Therefore people meet at keysignings and compare the data on a persons key with its passport or any other official documents. If they believe, that key and person belong to each other, they will sign your key.
So you can improve the trustlevel of your key and you'll also got to know some interesting people.
The keysigning will be held together with other signings, see: the event mentioned in the program
What can I do to take part?
You should follow those steps:
- Create, if not already done, your key. If you'd like to know how to do that, take a look at GPG-Mini-Howto
- Load your public key to one of the usual keyservers:
- subkeys.pgp.net
- random.sks.keyserver.penguin.de
- Put your key ID in the list on this page
- Download the compiled list of all participants after the the now passed deadline and print it.
- Check your key(s) on the list.
- Calculate the MD5- or SHA1-hash of the list and enter these value into the correspondig field.
- Take the list and your passport to WTH and enjoy the keysigning :-)
How does the whole thing work?
We will meet at the above mentioned time and will compare the MD5-/SHA1-values that everyone has calculated for his own. If these values are all equal, everyone has the same version of the list. Hereafter we create a long line and everyone will check fingerprint and passport of its opposite.
When you arrive at home home and you recovered from the WTH-strains, sign all keys which you believe valid.
Suggestion: reading the fingerprints out loud is very tedious and error-prone. Being able to do this visually is much better. I (Iljitsch) once did this by printing a copy of the key info on a transparancy sheet so checking can be done by superimposing the transparant sheet over a user's copy. Another way to do this is to project the fingerprints on a screen.
Who takes part?
- Sebastian Krohn 0x82268497 (msd: 4.1001)
- Sebastian Roth 0x6E2B43DC (msd: 4.3734)
- Tobias Kirschstein 0xD6DED000 (msd: 4.1658)
- Nils Vogels 0xAD3A5AAD
- DWizzy 0x24C56D3B (msd: 4.814)
- BugBlue 0x033849C4 (msd: 4.1174)
- Stefan Schmidt 0xDDF51665 (msd:4.0167) Key statistic
- Thali 0x9287B2E0
- Philipp Drössler 0x198B4E4E
- Kai Münz 0x93E2AF93
- Jan Lübbe 0xD8480F2E
- Andreas Kupfer 0x1D738434
- Iljitsch van Beijnum 0x1B1FC4E6
- Harald Welte 0x30F48BFF
- FooBar (Mark Janssen) 0x357D2178
- pepe (Steffen Schulz) 0xA04D7875
- David Leder 0xE32CD143
- Tobias Lange 0x0043DFB3
- mike castleman 0x7E407AF9
- Vasil Kolev 0x5A798930
- Dapke (Pim van Pelt) 0x4dca7e5e
- tehmaze (Wijnand Modderman) 0x2EA206A6
- Antti Vähä-Sipilä 0x3DE9A7CA
- Enno Lenze 0x45C86402
- Jtb 0x41AD84C2 (msd: 4.4968)
- mc.fly 0x2ECE6D0F
- Miguel van de Laar 0x6FD503FA
- Andreas Müller 0x1AAAC2A4
- Ivana Belgers 0xA89D21A2
- DreckSoft 0xB2270BAD
- Nico Fritschi 0xADF08A7F
- Martien Remijn 0x003FB5A1
- Jeroen Dekkers 0xAC1E715E
- Michael Bramer 0x258d8781
- Hamster 0xAE620038 (msd: 5.0179)
- Nico Wieczorek 0x5B05D8A2
- Hendrik Scholz 0x3D883EA0 (msd:3.92809)
- Stew 0x365A1AD1
- Martin Heistermann 0xBAADDD9D
- Henryk Plötz 0x4D0E0368
- Mario Lipinski 0x56C516B2
- Udo van den Heuvel 0x8300CC02
- Cliff Albert 0x9A9B1C5A (msd: 5.0399)
- Folkert van Heusden 0x1F28D8AE
- Jeroen van Nieuwenhuizen 0xC6AAAF61
- Kurt Roeckx 0x7244970B
- Lewe Zipfel 0x7A9C29EB
- Thomas Kaschwig 0x3D68D63A (msd: 3.9796)
- Sven Schnelle 0x25DA21B1
- Zeno4ever 0x0FAB3351
List frozen here at Mon Jul 25 14:51:10 CEST 2005
Analyze of the current keyring
I've built a little graph to demonstrate the curent web Of trust in this group of people. I will update the graph every few days, if more people are joining the {list,keysigning}. You can find it at http://www.datenfreihafen.org/~stefan/GPG-PGP/KeySigning-WTH-2005/
I'va add an output from the original keyanalyze code, used by Jason Harris. You can find it in the keyanalyze directory. The individual reports are very useful to look, which keys you have already signed.
In the ranking directory you can yet find some files with ranking information for the current keys.
See also
- CAcert
- Thawte WOT
- Keysigning Party HOWTO
- Keysigning at the 21c3 - took text parts from there
- Passport
