Phillip Hallam-Baker <hallam@xxxxxxxxx> wrote: >On Fri, Sep 6, 2013 at 6:42 PM, Joe Touch <touch@xxxxxxx> wrote: > >> >> >> On 9/6/2013 10:17 AM, Michael Richardson wrote: >> >>> >>> I will be happy to participate in a pgp signing party. >>> Organized or not. >>> >>> I suggest that an appropriate venue is during the last 15 minutes of >the >>> newcomer welcome and the first 15 minutes of the welcome reception. >>> >>> Because: >>> 1) the WG-chairs and IESG will all be there, and a web of trust >>> still needs some significant good connectivity, and we already >>> know each other rather well, without needing "ID" >>> (I am not interested myself in verifying anyone's >NSA^WGovernment >>> identity. I don't trust that Certification Authority...) >>> >>> 2) getting newbies on-board, meeting them well enough to sign >>> their key seems like a good thing. >>> >> >> And whose key would you sign? Anyone who showed up with a form of ID? >> >> I've noted elsewhere that the current typical key-signing party >methods >> are very weak. You should sign only the keys of those who you know >well >> enough to claim you can attest to their identity. >> >> If that's the case, how will this get newbies on-board except to >invite >> them to have keys whose signatures aren't relevant, and to devalue >the >> trust in WG-chairs and IESG members? >> >> Joe >> > >I can write a key ceremony spec. I have done that before. > >Almost everyone arriving in Vancouver will have a passport in any case. >The >protocol will probably be something like provide your key etc data in >advance, print something out and present that plus your ID document in >the >ceremony. Here's one approach that works reasonably well: http://www.debian.org/events/keysigning The scripts in the mentioned signing party package make things much easier. Scott K