I’ve had to use my GPG key more and more these days to prove that I sent something. Let’s get together and have a key signing party, which develops the “web of trust” integral to public key systems.
Key signing party - Wikipedia
You’d need to bring, at a minimum, your state-issued ID (TX DL is fine). Current Military ID or US Passport is also acceptable. Needless to say, you’ll need to have generated a public/private keypair to have signed. We can help you do that ON YOUR OWN LAPTOP WHICH YOU BRING, as you wouldn’t want someone keylogging the passphrase you use to protect your private key.
Note that signing someone’s key does not mean you agree with the garbage they spout, just that you have personally verified with a Mark-1 eyeball meeting that the person with that key is who they say they are.
Any takers?
1 Like
I am in. 12345678901234567890
Count me in! I have an existing key pair I regularly use and would like to get it signed once or twice more.
jb
Interested, but know very little about the practical aspects of cryptography.
Two things I’d modify:
-
Always set your keys to expire some time in the future. This will help you out when you accidentally delete all copies of your private key.
-
Create a revocation certificate and keep it on a CD in your safe. This will allow you to revoke your key if you’ve lost control (ie. someone got a copy and knows the passphrase to unlock it).
https://pgp.mit.edu/faq.html
1 Like
I’m Game!
I’m also a CACert Assurer so if your got ssl keys from cacert.org and want to get yours vetted then I’ll be glad to verify at the signing party (or the XM Core meetup)
So when’s the party?
-DS
Pubkey: 0xc55c6434fc13f74b
Best to do a yearly expire and set a calendar reminder(because it helps!) to update.