harishpillay

GPG Keysigning at FOSS.in 2010

I will be attending the FOSS.in event from December 15-17 in Bangalore, India.

As part of the Fedora participation at the FOSS.in, I will be running a GPG keysigning party.

This will be the first time I am running a GPG keysigning event and I am following it all on the experiences of Matt Domsch and documented here.

For the FOSS.in session, please ensure that the following is adhered to (again, adopting the good work from Matt):

How To Participate (BOLD is mandatory, ITALICS is optional):


a) You need to pre-register for this.

b) If you do not already have a GPG keypair, get one done.

c) You may choose to add your USERNAME@fedoraproject.org ID into your key pair.

d) Submit your key before the keysigning party to subkeys.pgp.net keyserver. To submit, you will need your KEYID from your keyring. Run the following command:

gpg --list-secret-keys | grep ^sec

which in my case will return:

sec   1024D/746809E3 2006-02-20

What you need to do is to take the portion after 1024D and submit that to the keyserver.

e) To submit your KEYID, you need to execute the following command:

gpg --keyserver subkeys.pgp.net --send-keys KEYID

Make sure you replace the word KEYID above with the actual key.

f) Once the KEYID has been successfully submitted, email me your key fingerprint using the following command:

gpg --fingerprint KEYID | mail -s " key" harishpillay@fedoraproject.org

Just Before FOSS.in (all the following steps are mandatory)

a) If you did pre-register (ie, your emailed me the info requested above), please print out your key fingerprint ONCE and bring it along.

b) If you did not send it ahead of time, you might have to print out multiple copies of your key fingerprint. One copy per person at the keysigning party.  I cannot confirm how many there will be but do watch this blog for that number.

c) To print out your fingerprint, you can use the tool “gpg-key2ps” (found in the pgp-tools RPM – “yum install pgp-tools”).

gpg-key2ps KEYID > YOURNAME-key.ps

will generate on one page the fingerprint of your key. This document, YOURNAME-key.ps can be viewed using evince or if you prefer convert to a pdf using the ps2pdf command.

d) Run md5sum and sha1sum on the foss-in-keysigning-fingerprints.txt file.  The file, foss-in-keysigning-fingerprints.txt will be generated shortly before FOSS.in and you will be notified by email of it’s availability. Print out the results of running both the commands and bring along that piece of paper to the meeting.

e) Bring along a government-issued ID with a photo of yourself in it. This document can be a passport, a national ID card or a driver’s license. It is very important that this document has a photo of yourself that is relatively recent and that this document is government issued.

In summary, right before the kesigning event, you will have two pieces of paper (one with your key fingerprint and the other with the md5sum and sha1sum results of the foss-in-keysigning-fingerprints.txt file).

At the Keysigning Event

Since I am asking for people to pre-register, you will find the needed files on http://harishpillay.fedorapeople.org/foss.in/. We will be READING out thees values in the file to confirm match.

Post Keysigning

Once the values are read out, you will need to do the acutal signing of keys. For this, we will use “CA – Fire and Forget” tool called caff. Caff will be able to do bulk signing of keys and will then send off email  to all those whom you have confirmed. The recipients will then need to retrieve their signed key, import into their gpg keyring and also upload to the keyserver subkeys.pgp.net.

Please watch this space for the exact time and location of the GPG Keysigning event.

2 comments

Leave a Reply