PGP Keysigning Event and CACert Assertion at SELF2014
SouthEast LinuxFest is happening this upcoming weekend. I offered to host a PGP (I’ll substitute PGP for GPG, GnuPG, and other iterations) keysigning and CACert Assertion event and have been scheduled for 6:30 PM in the Red Hat Ballroom. Since there is a little bit of planning needed on the part of the participant I’m writing this to help the event run smoothly.
Participating in the PGP Keysigning Event
If you haven’t already, generate your PGP keys. Setting up your particular mail client (MUA) is more than what I’ll discuss here but there is plenty of resources on the Internet. Send me (firstname.lastname@example.org – signed, preferably encrypted to 0x024BB3D1) the fingerprint of your PGP key no later than 3:00PM on Saturday afternoon. If you don’t send me your fingerprint by that time you’ll be responsible for providing it to everyone at the keysigning event on paper. Obtaining your key’s fingerprint can be done as follows:
$ gpg --fingerprint 024bb3d1 pub 4096R/024BB3D1 2011-08-11 [expires: 2015-01-01] Key fingerprint = 097C 82C3 52DF C64A 50C2 E3A3 8076 ABDE 024B B3D1 uid Eric Harlan Christensen <email@example.com> uid Eric "Sparks" Christensen <firstname.lastname@example.org> uid Eric "Sparks" Christensen <email@example.com> uid Eric "Sparks" Christensen <firstname.lastname@example.org> uid [jpeg image of size 2103] uid Eric Harlan Christensen <email@example.com> sub 3072R/DCA167D5 2013-02-03 [expires: 2023-02-01] sub 3072R/A9D8262F 2013-02-03 [expires: 2023-02-01] sub 3072R/56EA1030 2013-02-03 [expires: 2023-02-01]
Just send me the “Key fingerprint” portion and your primary UID (name and email address) and I’ll include it on everyone’s handout. You’ll need to bring your key fingerprint on paper for yourself to verify that what I’ve written on the paper is, indeed, correct.
At the event we’ll quickly do a read of all the key fingerprints and validate them as correct. Then we’ll line up and do the ID check. Be sure you bring a photo ID with you so that we can validate who you are with who you claim to be to the authorities. People are generally okay with a driver’s license; some prefer a passport. Ultimately it’s up to the individual what they will trust.
CACert is a free certificate authority that signs X509 certificates for use in servers, email clients, and code signing. If you are interested in using CACert you need to go sign up for an account before the event. Once you have established an account, login and select “US – WoT Form” from the CAP Forms on the right-side of the page. Print a few of these forms and bring them with you (I hope to have a final count of the number of assurers that will be available but you’ll need one form per assurer). You’ll need to present your ID to the assurer so they can verify who you are. They will then award you points in the CACert system.
If you have any questions about the event feel free to ask them here (using a comment) or email me at firstname.lastname@example.org.