SouthEast LinuxFest is
happening this upcoming weekend. I offered to host a PGP (I'll
substitute PGP for GPG, GnuPG, and other iterations) keysigning and
CACert Assertion event and have been scheduled for 6:30 PM in the Red
Hat Ballroom. Since there is a little bit of planning needed on the
part of the participant I'm writing this to help the event run smoothly.
Participating in the PGP Keysigning Event
If you haven't already, generate your PGP
Setting up your particular mail client (MUA) is more than what I'll
discuss here but there is plenty of resources on the Internet. Send me
(firstname.lastname@example.org - signed, preferably encrypted to
fingerprint of your PGP key no later than 3:00PM on Saturday afternoon.
If you don't send me your fingerprint by that time you'll be responsible
for providing it to everyone at the keysigning event on paper.
Obtaining your key's fingerprint can be done as follows:
$ gpg --fingerprint 024bb3d1
pub 4096R/024BB3D1 2011-08-11 [expires: 2015-01-01]
Key fingerprint = 097C 82C3 52DF C64A 50C2 E3A3 8076 ABDE 024B B3D1
uid Eric Harlan Christensen <email@example.com>
uid Eric "Sparks" Christensen <firstname.lastname@example.org>
uid Eric "Sparks" Christensen <email@example.com>
uid Eric "Sparks" Christensen <firstname.lastname@example.org>
uid [webp image of size 2103]
uid Eric Harlan Christensen <email@example.com>
sub 3072R/DCA167D5 2013-02-03 [expires: 2023-02-01]
sub 3072R/A9D8262F 2013-02-03 [expires: 2023-02-01]
sub 3072R/56EA1030 2013-02-03 [expires: 2023-02-01]
Just send me the "Key fingerprint" portion and your primary UID (name
and email address) and I'll include it on everyone's handout. You'll
need to bring your key fingerprint on paper for yourself to verify that
what I've written on the paper is, indeed, correct.
At the event we'll quickly do a read of all the key fingerprints and
validate them as correct. Then we'll line up and do the ID check. Be
sure you bring a photo ID with you so that we can validate who you are
with who you claim to be to the authorities. People are generally okay
with a driver's license; some prefer a passport. Ultimately it's up to
the individual what they will trust.
CACert is a free certificate authority that
signs X509 certificates for use in servers, email clients, and code
signing. If you are interested in using CACert you need to go sign up
for an account before the
event. Once you have established an account, login and select "US - WoT
Form" from the CAP Forms on the right-side of the page. Print a few of
these forms and bring them with you (I hope to have a final count of the
number of assurers that will be available but you'll need one form per
assurer). You'll need to present your ID to the assurer so they can
verify who you are. They will then award you points in the CACert
If you have any questions about the event feel free to ask them here
(using a comment) or email me at firstname.lastname@example.org.