Greetings... As has become traditional, we will be holding a PGP key
signing party at the IETF in Vienna. Ted Ts'o will be unable to attend
this IETF meeting, so I have agreed to organize the session in his place.
Please note that because the IETF has rooms booked in the conference
center only until 22:00 each day, our usual Wednesday-night time slot
after the plenary was not available. Instead, we will be holding the
event at the beginning of the dinner break on MONDAY, at 17:30. The
PGP Key Signing will take place in Hall IK at the Austria Center
Vienna.
The rest of this text was generously donated by Ted Ts'o, modulo
some changes relating to the details. The procedure we will use is
the following:
o People who wish to participate should email an ASCII extract of
their PGP public key to <jhutz@cmu.edu> by noon on Monday, July
14, 2003. Please include a subject line of "IETF PGP KEY", and
please DO NOT MIME-ENCRYPT your e-mail. Send it to me as plain
text, and do NOT base-64 encode things. (I will be running the
entire mail folder file through GPG, and PGP-keys that are base-64
encoded will get ignored unless I take manual action to fix things.
I will try do the manual fixup, but I make no guarantees about
catching all of them.)
The method of generating the ASCII extract under Unix is:
pgp -kxa my_email_address mykey.asc (pgp 2.6.2)
pgpk -xa my_email_address > mykey.asc (pgp 5.x)
gpg --export -a my_email_address > mykey.asc (gpg)
If you're using Windows or Macintosh, hopefully it will be Intuitively
Obvious (tm) using the GUI interface how to generate an ASCII armored
key that begins "-----BEGIN PGP PUBLIC KEY BLOCK-----".
o By 4pm on Monday, you will be able to fetch the complete key ring
from any of the following locations with all of the keys that were
submitted:
/afs/grand.central.org/project/ietf-pgp/ietf57.pgp
http://grand.central.org/dl/ietf-pgp/ietf57.pgp
ftp://grand.central.org/pub/ietf-pgp/ietf57.pgp
o At 5:30pm, come prepared with the PGP Key fingerprint of your PGP
public key; we will have handouts with all of the key fingerprints of
the keys that people have mailed in.
o In turn, readers at the front of the room will recite people's keys;
as your key fingerprint is read, stand up, and at the end of reading
of your PGP key fingerprint, acknowledge that the fingerprint as read
was correct.
o Later that evening, or perhaps when you get home, you can sign the
keys corresponding to the fingerprints which you were able to verify
on the handout; note that it is advisable that you only sign keys of
people when you have personal knowledge that the person who stood up
during the reading of his/her fingerprint really is the person which
he/she claimed to be.
o Submit the keys you have signed to the PGP keyservers. A good one to
use is the one at MIT: simply send mail containing the ascii armored
version of your PGP public key to <pgp@pgp.mit.edu>.
Note that you don't have to have a laptop with you; if you don't have
any locally trusted computing resources during the key signing party,
you can make notes on the handout, and then take the handout home and
sign the keys later.
-- Jeffrey T. Hutzelman (N3NHS) <jhutz+@cmu.edu>
Sr. Research Systems Programmer
School of Computer Science - Research Computing Facility
Carnegie Mellon University - Pittsburgh, PA
