On Wed, Jan 02, 2008 at 09:13:32PM -0600, Matt Domsch wrote: > On Wed, Jan 02, 2008 at 09:44:23PM -0500, Todd Zullinger wrote: > > If you haven't seen it before, I'd recommend giving a look at the > > "Efficient Group Key Signing Method" by Len Sassaman and Phil > > Zimmermann, documented at http://sion.quickie.net/keysigning.txt > > > > It cuts a lot of the tediousness out of a key signing involving more > > than just a few people. > > yep. That's basically my plan. So far only ~14 people have sent me > keys, so even bicycle chain won't take but a few minutes. I'll email > everyone who has sent keys, and fedora-devel, the instructions early > next week for getting the plaintext list of keys, the keyring I've > compiled from the sent fingerprints, the SHAx sums and the rest. I've compiled the list of keys for the FUDCon keysigning. These 20 are whom I have. If you're not on this list, and still want to participate, you may, details to follow. pub 1024D/92F0FC09 2001-04-16 Matt Domsch <mdomsch@xxxxxxxxxxxx> pub 1024D/BD113717 1997-09-19 Paul W. Frields <stickster@xxxxxxxxx> pub 1024D/116521D9 2000-10-11 David Woodhouse (Insecure work key) <dwmw2@xxxxxxxxxx> pub 1024D/93054260 2001-03-22 Tom Callaway (spot) <tcallawa@xxxxxxxxxx> pub 1024D/1728D29B 2007-12-15 Lee Lorentz (WB0TRA) <lee@xxxxxxxxxxxxxxxx> pub 1024D/CCAF484E 2007-04-17 Ricky Zhou <ricky.zhou@xxxxxxxxx> pub 1024D/99B1F444 2006-04-02 G. Wolfe Woodbury <ggw@xxxxxxxxxxxxxxxxxxx> pub 1024D/7BB612C9 2001-06-02 Kevin Sonney (The Alchemist) <kevin@xxxxxxxxxx> pub 1024D/8929CFFC 2006-12-05 Chris Tyler <chris@xxxxxxxxxxx> pub 1024D/ED00D312 2000-06-21 Douglas E. Warner <silfreed@xxxxxxxxxxxx> pub 1536R/243A1329 1996-12-05 David Woodhouse <david@xxxxxxxxxx> pub 1024D/2E3F0935 2007-05-29 Yaakov Nemoy <loupgaroublond@xxxxxxxxx> pub 1024D/87EF16E8 2007-02-27 Tyler Owen <tyler.l.owen@xxxxxxxxx> pub 1024D/7A47522D 2006-12-22 John Poelstra <poelcat@xxxxxxxxx> pub 1024D/78688BF5 2002-10-03 Nalin Dahyabhai <nalin@xxxxxxxxxxxxx> pub 1024D/3B6A5B89 1999-09-16 Jack Neely <jjneely@xxxxxxxx> pub 2048R/BEAF0CE3 2006-07-04 Todd M. Zullinger <tmz@xxxxxxxxx> pub 1024D/D74908ED 2007-12-31 Eric Harlan Christensen <eric@xxxxxxxxxxxxxxxxxxx> pub 1024D/B05A59F7 2004-03-01 Dennis Gilmore <dennis@xxxxxxxxxxxxxxx> pub 1024D/0D86AF59 2006-01-21 Jonathan Steffan (daMaestro) <jonathansteffan@xxxxxxxxx> See the URL above for the process. Before the keysigning, you _must_ download a copy of http://domsch.com/linux/fedora/fudcon2008/fudcon-keysigning.txt and verify that your key is correct on there. You'll be asked at the keysigning to confirm that your key is correct in that file. Second, you must run both sha1sum and md5sum on the fudcon-keysigning.txt file, and validate that it in fact matches: http://domsch.com/linux/fedora/fudcon2008/fudcon-keysigning.txt.md5sum 0c799b9b70cf87e0039631e0cfd1586a fudcon-keysigning.txt http://domsch.com/linux/fedora/fudcon2008/fudcon-keysigning.txt.sha1sum d3fa0cda1d77cde8608c2506e88cb3cd60764c43 fudcon-keysigning.txt At the keysigning, I'll read these values. Everyone confirms they match, therefore we know your key as listed in the keyring is what everyone expects it to be. Then we each, in order, show our IDs for everyone to validate, and then each person can decide if they want to sign that person's key. After the keysigning, you can use a tool like caff from the pgp-tools package to sign each person's key and mail it to them. I'll see you all next Saturday! Thanks, Matt -- Matt Domsch Linux Technology Strategist, Dell Office of the CTO linux.dell.com & www.dell.com/linux -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
