FYI: Keysigning at Linuxtag 2008 in Berlin (May 30th)

[Werner Koch]

On Wed, 16 Apr 2008 17:11, ml at mareichelt.de said:

> http://wiki.linuxtag.net/w/Keysigning_2008

Please don't use this procedure - it just don't works.  Within a group
of cryptographers it is a nice protocol but not in the real world.

The procedure does not cope with the problem that people don't
understand what they have to do, don't have a pencil at hand, they need
to juggle with a long list a pencil and several passports.  Worst of all
there will be quit esome folks who pop up to late and want to get their
keys signed too.  Rejecting them is not an option and thus you need to
resort to the fingerprint slip method anyway.

The only pocedure which works is to ask the attendees to print there
fingerprint on paper slips in regular typewriter mode.  With two user
IDs this yields 10 slips per A4 page.  At the party you walk along all
other attendees, look at the passport etc and receive the paper slip if
you accept the identify.  For those who don't want to sign all user IDs,
they will porbably have a pencil and can cross-out the other user IDs.

That procedure is way faster than anything else, easy to explain, scales
well and can even handle those arriving too late or not properly
prepared.  It is also more like a party than that mumbling of numbers
without proper use of the ICAO phonetic alphabet.

At the last conference we had about 20 sending in their keys, 6 actually
attending, about 3 arriving too late and about 5 not having send in
their keys but carrying paper slips around.  Processing the 5 with the
paper slips was faster than those on the list.


Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Auschnahme regelt ein Bundeschgesetz.