[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian meeting this saturday

Previously Wichert Akkerman wrote:
> I still haven't heard from Ray Dassen, Ardo van Rangelrooi or Paul Slootman
> if they will be there.

That means Ray will come, and Ardo was the one who could not make it.

Now a quick description of the PGP/GPG signing: everyone should bring
a passport or other ID so we can verify he is who he claims to be.
You also need to bring the number of bits and KeyID of your key,
as well as the key fingerprint. We can use this to verify that the key
that the PGP keyservers have is indeed your key.

How do you sign a key? First you download the key from a PGP keyserver
or use the Debian PGP/GPG keyring. Then you verify that the key is indeed
the key of the person you met at the signing-session by verifying the
keyID, number of bits and fingerprint. If the key is correct you can
sign it. Then you only need to send the new signature back to the PGP
keyserver: extract the key you just signed and give it to the keyserver.
The server will automatically add the signature to its keyring.

The owner of the key can then get the updated public key from the keyservers
and merge it with his own keyring and voila! The signing has happened.


This combination of bytes forms a message written to you by Wichert Akkerman.
E-Mail: wakkerma@wi.LeidenUniv.nl
WWW: http://www.wi.leidenuniv.nl/~wichert/

Attachment: pgpy2hxgRF4EH.pgp
Description: PGP signature

Reply to: