On Fri, 21 Jun 2002, Scott Dier wrote:
> Keysignings in large parties that I've been in run something like
> this [actually, every one I've been to was ran by Theodore Ts'o]:
>
> 1) Someone requests all the keys of people showing up to be sent to an
> email address.
> 2) Such person prints up a ton of copies of this list.
> 3) At the event, person (with possible volunteers) calls out the type
> of key, uid, and fingerprint. Owner of key verifies that the
> fingerprint matches to information that they have brought (written
> down, on laptop, etc) and says that the fingerprint is correct.
> 4) After all fingerprints are verified, people go about doing ID checks
> with each other and mingling, etc. This can take a while. Upside is
> that since the fingerprint verification has already happened it takes
> less time.
I liked the procedure used at the Linux Kongress 2000 a bit better:
1. Someone requests all the keys of people showing up to be sent to an
email address.
2. Such person builds a canonical text file and puts it up on the net
somewhere
3. Everyone wishing to attend the party downloads the text files,
calculates its md5 hash and prints it
4. At the event person announces the md5sum
5. In turn everyone stands up and verifies that the fingerprint on the
list is correct.
6. either point 4 of Scott's list or
Using a camera and projector or similar technology each attendee
shows his ID on the big screen so everyone can read it.
This has two advantages:
- no need to read the long key ids
- id verification is way faster
yours,
peter
--
PGP signed and encrypted | .''`. ** Debian GNU/Linux **
messages preferred. | : :' : The universal
| `. `' Operating System
http://www.palfrader.org/ | `- http://www.debian.org/
Attachment:
pgpyoZkOTl7Ip.pgp
Description: PGP signature