Re: OpenWest key-signing party questions

Tue, 11 Jul 2017 12:36:49 -0700 

On Tue, Jul 11, 2017 at 08:26:50AM -0600, Matt plug.org wrote:
> I'm trying to wrap my head around the PGP key-signing idea, as I'd like to
> participate tomorrow at OpenWest, but I've never really used PGP before.

The party is technically Thursday at 17:00.

    https://www.openwest.org/schedule/#tab-2017-07-13

> The OpenWest page regarding the party gives some information, but it seems
> incomplete. https://www.openwest.org/key-signing-party/
> 
> From what I understand, I:
> 
>    1. Generate a PGP keypair (gpg --gen-key).

Good.

>    2. Send an email with my PUBLIC key only (not fingerprint, right?) to
>    Aaron

Correct.

>    3. Print out the fingerprint via `gpg --fingerprint "[email protected]"`
>    and bring that info to the party

Indeed.

>    4. At the party read off key info -- just fingerprint?

I'll explain when we're there.

>    5. Verify others' keys and IDs

Yup.

>    6. ...

Profit!

> What and when is the actual "key signing"?  Each verified individual signs
> every other verified individual's keys (implying some basic idea that to
> the extent of my knowledge, they are who they say they are)?

I'll also explain this in detail at the party. Basically, it will go something
like this:

    1. I will have collected everyone's public key who attended into a group
    keyring.
    2. I will email that keyring to every attendant after the party.
    3. Instructions will be included as to how to proceed.

> Sorry if these seem like stupid questions.  It's all pretty foreign to me.

No worries. OpenPGP and the tools aren't exactly intuitive, which is the #1
complaint against its use- horrible UX.

> Once I get a better understanding of the idea, as an introvert, my next
> challenge will be psyching myself up to make that many small human
> interactions. :)

Swing by, and all your wildest dreams will come true!

-- 
. o .   o . o   . . o   o . .   . o .
. . o   . o o   o . o   . o o   . . o
o o o   . o .   . o o   o o .   o o o

Attachment: signature.asc
Description: PGP signature

/*
PLUG: http://plug.org, #utah on irc.freenode.net
Unsubscribe: http://plug.org/mailman/options/plug
Don't fear the penguin.
*/

Reply via email to