lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20111013204720.GB13510@master.debian.org>
Date:	Thu, 13 Oct 2011 16:47:20 -0400
From:	Aníbal Monsalve Salazar <anibal@...ian.org>
To:	linux-kernel@...r.kernel.org
Cc:	NYC Debian List <debiannyc@...eo.org>,
	Daniel Kahn Gillmor <dkg@...thhorseman.net>,
	Aníbal Monsalve Salazar <anibal@...nel.org>
Subject: {kernel,debian}.org KSP for the NYC area: October 19, 2011

Subject: Re: wednesday 2011-10-19 7pm at PST -- beer and meetup?

On Thu, Oct 13, 2011 at 04:18:50PM -0400, Daniel Kahn Gillmor wrote:
>hey folks--
>
>what say y'all to meeting up for a social hour or three at Pacific
>Standard this coming Wednesday evening at 7pm?  anibal@...ian.org will
>be in town, and possibly some other free software folks will come too.
>
>This might be an opportunity for linux kernel folks to meet up and sign
>keys too, so bring keysigning info if you want to participate in that
>kind of interaction.
>
>Looking forward to seeing everyone,
>
>	--dkg
>

On Thursday October 19, 2011 at Pacific Standard [1] from 19:00 to
20:00, I and Daniel will hold a KSP. 

[1] http://pacificstandardbrooklyn.com/

Please forward this message to other interested people.

Please send your key details (see requieremt #2 below) to
anibal@...ian.org to compile everyone's key information.

Questions? Write to anibal@...ian.org and dkg@...ian.org.

Please read below the KSP requirements.

On Thu, Oct 13, 2011 at 11:31:54AM -0400, Theodore Ts'o wrote:
>
>I will be holding a key signing party in Cambridge on Tuesday, October
>18, from 4-5pm for folks in the Boston greater metropolitan area.
>
>Anyone who is interested should send me their key-id by Tuesday noon
>US/Eastern, and I will give those folks the details about where we will
>be holding the key signing party.   Please put "BOSTON KEY SIGNING" in
>the subject line.
>
>Please feel free to forward this to any fellow kernel devs who might not
>be reading LKML.
>
>    	    	  	   	   	   - Ted
>
>
>What's a key-signing party?
>
>A key-signing party is a get-together with PGP users for the purpose of
>meeting other PGP users and signing each other's keys. This helps to
>extend the "web of trust" to a great degree. Also, it sometimes serves
>as a forum to discuss strong cryptography and related issues.
>
>What do I need for this party?
>
>Required Items
>Physical attendance
>Positive picture ID
>Your Key ID, Key type, HEX fingerprint, and Key size
>A pen/pencil or whatever you'd like to write with....
>NO computer
>
>Required Process
>
>1.  All attendees send their public keys to a public keyserver. For this
>party, we'll use keyserver.cryptnet.net. If for some reason you don't
>want your key to be in a public keyserver, but still want to
>participate, please let me know.
>
>2.  All attendees send their key ID, key type, fingerprint, and key size to
>the host, tytso@....edu, who will compile everyone's key information.
>
>3.  The host prints a list with everyone's key ID, key type,
>fingerprint, and key size from the compiled keyrings and distributes
>copies of the printout at the meeting.
>
>4.  Attend the party. Bring along a paper copy of your key ID, key type,
>fingerprint, and key size that you obtained from your own keyring. You
>must also bring along a suitable photo ID. Instruct the attendees at the
>beginning that they are to make two marks on the listing, one for
>correct key information (key ID, key type, fingerprint, and key size)
>and one if the ID check is ok.
>
>5. At the meeting each key owner reads his key ID, key type,
>fingerprint, key size, and user ID from his own printout, not from the
>distributed listing. This is because there could be an error, intended
>or not, on the listing. This is also the time to tell which ID's to sign
>or not. If the key information matches your printout then place a
>check-mark by the key.
>
>6. After everyone has read his key ID information, have all attendees
>form a line.
>
>7. The first person walks down the line having every person check his
>ID.   The second person follows immediately behind the first person and
>so on.
>
>8.  If you are satisfied that the person is who they say they are, and
>that the key on the printout is theirs, you place another check-mark
>next to their key on your printout.
>
>9.  Once the first person cycles back around to the front of the line he
>has checked all the other IDs and his ID has been checked by all others.
>
>10. After confirming that the key information on the key server matches
>the printout that you have checked, sign the appropriate keys. Keys
>should only be signed if they have two check-marks.  If you are using
>Debian or Ubuntu, the "caff" (certifying authority fire and forget)
>script can be found in the "signing-party" package along with other
>useful scripts, which makes it much easier to sign the keys.  For
>Fedora, the "caff" script can be found in the "pgp-tools" package.
>
>11.  Send the signed keys back to the keyservers, or to owners of the
>key.
>
>Other questions about signing keys?
>
>You may want to read the Keysigning Party Howto which includes an
>explanation of the concepts behind keysigning, instructions for hosting
>a keysigning party, instructions for participating in a keysinging
>party, and step by step instructions for signing other's keys.

Download attachment "signature.asc" of type "application/pgp-signature" (836 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ