[H-GEN] Key-signing at Humbug: Saturday, 1st March 2003
Mark Suter
suter at humbug.org.au
Mon Feb 24 17:37:48 EST 2003
[ Humbug *General* list - semi-serious discussions about Humbug and ]
[ Unix-related topics. Posts from non-subscribed addresses will vanish. ]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Folks,
rob> Agreed again. I suspect social pressure is a problem here though - many
rob> people might feel uncomfortable declining to sign the key of someone they
rob> know socially but can't verify the identity of. I hope everyone has read
rob> the instructions and brings along two forms of photo ID.
greg> I have read the instructions and interpreted them to say that at
greg> least one form of photo ID is required -- I don't think it's
greg> realistic to require more than one such document and I certainly
greg> don't plan to bring anything other than my driver's licence.
greg>
greg> If that's a problem, that needs to be clarified soonish ...
The ID requirements are for each key signer to determine. When you have
someone saying to you, "Hi, I'm Jane Citizen and here's my ID," it's up
to you to decide if you believe them.
If you sign this key then you are saying, "I am absolutely positive this
key belongs to Jane Citizen <citizen at example.com>." The fingerprints
(ten groups of 4 hex digits) are to ensure you're signing the right key.
Here's a bit more information:
http://www.dewinter.com/gnupg_howto/english/GPGMiniHowto-3.html#ss3.6
If you wanting to use cryptography for real, I strongly recommend Bruce
Schneier's _Applied Cryptography_. This book will help you understand
the complexity and fragility of cryptographic systems we use.
http://www.counterpane.com/applied.html
For the curious, I'm bringing my Queensland Drivers Licence and my
Australian Passport on Saturday. I probably also go over this with the
participants (currently 15, deadline for joining is noon Wednesday).
Yours sincerely,
- -- Mark John Suter | I know that you believe you understand
suter at humbug.org.au | what you think I said, but I am not sure
gpg key id 2C71D63D | you realise that what you heard is not
mobile 0411 262 316 | what I meant. Robert J. McCloskey
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Check Keyservers or http://zwitterion.org/keys/
iD8DBQE+Wp68RYso2ixx1j0RAlfFAJ9/LbWmtJieAP5oeZhxtKcbOji4bACfc8GK
4TGi38ED9ImTK82hEVR0cmA=
=KX7G
-----END PGP SIGNATURE-----
--
* This is list (humbug) general handled by majordomo at lists.humbug.org.au .
* Postings to this list are only accepted from subscribed addresses of
* lists 'general' or 'general-post'. See http://www.humbug.org.au/
More information about the General
mailing list