Hybrid keysigning party, your opinion?

Peter Lebbing peter at digitalbrains.com
Thu Dec 8 12:35:11 CET 2016


Stephan and Lachlan, thank you for thinking about this! I need to make a
decision soon, I really need feedback!

On 07/12/16 22:44, Stephan Beck wrote:
> Doesn't your proposal imply that late attendees could
> make their way through all the keysigning without fingerprint
> verification? Or do I miss something?

The normal attendees also don't do any fingerprint verification *at the party*.
At home, before the party, they checked their own fingerprint, and generated the
SHA256 checksum for the file they got. At the party, everybody together checks
the SHA256 checksum by simply reading aloud each and every digit.

> Thank you in any case for your detailed information, that encouraged me
> to install the keysigning package and have a look into it. It seems to
> be a great tool for organizing a key-signing event!

It is :-)

I wouldn't say my information is detailed actually, I could write a *lot* more
about proper procedure. But I hoped I didn't have to, instead just focussing on
what I wanted to do *differently* from usual.

Cheers,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>



More information about the Gnupg-users mailing list