On 4 Jun 2015, at 3:45, John C Klensin wrote:
I also note that "PGP key signing parties" used to be a regular feature at almost every IETF meeting. If we were serious about secure communications (not just email) within the IETF community, we would reinstitute those, review signing criteria and create some guidelines, and make sure we could get X.509 certs issued/signed too, if necessary in an IETF or ISOC tree.
For what it's worth, I am willing to volunteer for this. If there's a room and a timeslot available, I could do it in Prague, even. I've done lots of these in the past (although none at the IETF).
I believe I am (still) a CACert assurer of some kind, too, although it has been long enough since I've done anything with that that I would need a refresh (both on the procedures and documentation required, and on current interest CACert) to incorporate that into the mix.
While we're getting ahead of ourselves, if there was an ISOC or IETF CA that was fed and watered sufficiently well that it was worth using in some glorious future, incorporating that (them) seems like a lovely idea too.
Rewinding to reality, perhaps there are other PGP and/or CACert enthusiasts who would like to join in and talk about at least some level of PGP fumbling in Prague.
Joe