ubuntu-waterloo-region team mailing list archive
Mailing list archive
KWLUG Keysigning on 8 August 2016
The Canadian Ubuntu Users Community <ubuntu-ca@xxxxxxxxxxxxxxxx>, Ubuntu Canada Waterloo Chapter <ubuntu-waterloo-region@xxxxxxxxxxxxxxxxxxx>
Bob Jonkman <bjonkman@xxxxxxxxx>
Sun, 10 Jul 2016 22:56:03 -0400
SOBAC Microcomputer Services
Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.8.0
-----BEGIN PGP SIGNED MESSAGE-----
Hi Everybody! I'll be the Keymaster at a Formal Keysigning at the
"Short Presentations and Activities" KWLUG meeting on 8 August 2016.
A formal keysigning is where we read out our public GnuPG/PGP key
fingerprints, have others vouch for our identities, then (afterwards)
we sign each others' keys. We're extending the Web of Trust based on
our actual knowledge of each other -- no government ID is required!
For a formal keysigning I'll need copies of your GnuPG/PGP Public Key,
then after the keysigning event I'll ensure that everyone gets a copy
of all the signed keys.
If you want to participate, here are the instructions:
1) E-mail your public GnuPG/PGP key to bjonkman@xxxxxxxxx
2) I publish your public key in an ownCloud shared folder, and add it
to a Keysigning Keyring; you can download it to verify that your key
is correct (I'll send the link when I receive your public key).
3) Come to the KWLUG meeting on Monday, 8 August 2016, and bring a
copy of your public key so you can read out your fingerprint
independently from the list that I'll be providing.
4) After the meeting, you carefully verify that the key fingerprints
you have in your keyring match the fingerprints you verified at the
meeting, then you sign the keys of those people that you verified.
5) E-mail me the signed keys (or upload to the ownCloud shared folder).
6) I'll import all the signed keys into the Keysigning Keyring, I'll
sign all the keys with the Keysigning Key, and I'll e-mail all the
signed keys from everyone back to you.
7) You import the all the keys into your own keyring again, so that
you have all the signatures on everyone's keys.
8) If you want, you can upload your own signed public key to the
Remember, don't upload other people's public keys to the keyservers
without their permission. Not everyone wants their GnuPG/PGP key
(which usually has an e-mail address) to be easily harvestable by the
Maybe we can have an Informal Keysigning too! Bring fingerprint
strips, just in case!
These "simple" instructions are available at
http://sobac.com/wiki/index.php/KWLUG_Keysigning_2016-08-08 Pass it
around! There are also full instructions for both participants and
Keymaster at http://sobac.com/wiki/index.php/Formal_Keysigning but the
instructions in this e-mail are much simpler for both participants and
See you on 8 August!
Bob Jonkman <bjonkman@xxxxxxxxx> Phone: +1-519-635-9413
SOBAC Microcomputer Services http://sobac.com/sobac/
Software --- Office & Business Automation --- Consulting
GnuPG Fngrprnt:04F7 742B 8F54 C40A E115 26C2 B912 89B0 D2CC E5EA
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
Comment: Ensure confidentiality, authenticity, non-repudiability
-----END PGP SIGNATURE-----