Key Signing at LCA 2011: 3:45pm on Friday, 28th January 2011
There will be a key signing party at linux.conf.au 2011 on the Friday afternoon, from 3:45pm. It requires some advance preparation and is completely optional.
A key signing party is a get-together with PGP users for the purpose of meeting other PGP users and signing keys, thus extending the "web of trust" by a significant degree. It also serves as a forum to discuss cryptography and related issues (time permitting).
Now, After the key signing
With you personal checklist on hand, sign those keys in which you are completely confident. Even if you know what you're doing, please take a moment to read the Validating other keys on your public keyring section of the The GNU Privacy Handbook.
There are several utilities that are useful - I recommend caff(1), part of PGP Tools that's available under Debian (and many derivatives) in the signing-party package.
These sections are offered in the hope they prove useful.
Exporting your Public Key
This command will work for many people to export your key so it may be submitted:
$ gpg --export --armor keyid > key.txt
Generating a SHA2 Hash
Here's a example session showing two possible commands to to generate a Secure Hashing Algorithm 2 hash of the party.gpg file with a 512 byte result. Both will produce the same result; however, you may not have both programs installed.
$ openssl dgst -sha512 party.gpg SHA512(party.gpg)= f156b0aeebf9e562df4859bfd27adc95ea115a6fc75f6778c03f23ec6a345212116c548697d7bb942ce70d8a79e9a9ab93999c8eab88d5ca19ff49557de9e873 $ sha512sum party.gpg f156b0aeebf9e562df4859bfd27adc95ea115a6fc75f6778c03f23ec6a345212116c548697d7bb942ce70d8a79e9a9ab93999c8eab88d5ca19ff49557de9e873 party.gpg
Checking a GnuPG Detached Signature
Here's a example session showing how to check the detached signature of the party.gpg file:
$ gpg --verify party.gpg.asc party.gpg gpg: Signature made Thu Dec 30 21:37:06 2010 EST using DSA key ID 2C71D63D gpg: Good signature from "Mark John Suter <firstname.lastname@example.org>" gpg: aka "Mark John Suter <email@example.com>" gpg: aka "Mark John Suter <firstname.lastname@example.org>" gpg: aka "Mark John Suter <email@example.com>" gpg: aka "Mark John Suter <firstname.lastname@example.org>" gpg: aka "Mark John Suter <email@example.com>" gpg: aka "[jpeg image of size 1485]"
Displaying a Key's Fingerprint
Here's a example session showing how to display the fingerprint of your key:
$ gpg --fingerprint 0x2C71D63D pub 1024D/2C71D63D 2002-05-30 Key fingerprint = A330 524C E164 50EA 70BC 2129 458B 28DA 2C71 D63D uid Mark John Suter <firstname.lastname@example.org> uid Mark John Suter <email@example.com> uid Mark John Suter <firstname.lastname@example.org> uid Mark John Suter <email@example.com> uid Mark John Suter <firstname.lastname@example.org> uid Mark John Suter <email@example.com> uid [jpeg image of size 1485] sub 2048g/54C96D2E 2002-05-30