Difference between revisions of "User:Midnightcomm/key signing party"
Midnightcomm (talk | contribs) |
Midnightcomm (talk | contribs) |
||
| Line 1: | Line 1: | ||
A '''key signing party''' is an event where people present their PGP-compatible keys to others in person. An individual's key is than digitally signed by the other attendees—only if they are confident that the key actually belongs to the person who claims ownership. This is usually done by comparing the individual's public key ''fingerprint,'' and photo ID (such as a drivers license or passport). | A '''key signing party''' is an event where people present their PGP-compatible keys to others in person. An individual's key is than digitally signed by the other attendees—only if they are confident that the key actually belongs to the person who claims ownership. This is usually done by comparing the individual's public key ''fingerprint,'' and photo ID (such as a drivers license or passport). | ||
| − | + | == What to Bring == | |
* Pencil or Pen | * Pencil or Pen | ||
* [[#Print_key_Fingerprint|Printed copy]] of your key ID, key type, key fingerprint, and key size. | * [[#Print_key_Fingerprint|Printed copy]] of your key ID, key type, key fingerprint, and key size. | ||
| + | |||
| + | Please do not bring a computer to the party. | ||
Revision as of 14:25, 28 June 2007
A key signing party is an event where people present their PGP-compatible keys to others in person. An individual's key is than digitally signed by the other attendees—only if they are confident that the key actually belongs to the person who claims ownership. This is usually done by comparing the individual's public key fingerprint, and photo ID (such as a drivers license or passport).
Contents
What to Bring
- Pencil or Pen
- Printed copy of your key ID, key type, key fingerprint, and key size.
Please do not bring a computer to the party.
Before the Party
Install the GNU Privacy Guard
GPG is a free replacement for PGP, and is included with nearly all Linux distributions. To verify that you have GnuPG installed, open a terminal window and type:
which gpg
If you get which: no gpg in ... than you need to install it.
Generate Key
If you don't already have a GPG key one must be generated.
gpg --gen-key
For the first three questions just press Enter.
You will be asked for:
- your real name
- email address
- a comment optional
After confirming everything GnuPG will ask for a password. Now, GnuPG will generate a new key for you. Move your mouse around as GnuPG needs random data to work with. It's usually a good idea to produce a revocation certificate after making your new key.
Print key Fingerprint
gpg --fingerprint example@localhost
Replace example@localhost with the email address you gave GnuPG earlier. If it looks okay, print the output and bring it with you on July 11, 2007.
gpg --fingerprint example@localhost | lpr -o landscape
- Example Output
pub 1024D/7A63CF54 2007-06-28
Key fingerprint = 3553 89D7 8959 5663 41C9 4273 EB4D 7D03 7A63 CF54
uid Test User <example@localhost>
sub 2048g/0CCBEF4B 2007-06-28
