Previously Wichert Akkerman wrote: > I still haven't heard from Ray Dassen, Ardo van Rangelrooi or Paul Slootman > if they will be there. That means Ray will come, and Ardo was the one who could not make it. Now a quick description of the PGP/GPG signing: everyone should bring a passport or other ID so we can verify he is who he claims to be. You also need to bring the number of bits and KeyID of your key, as well as the key fingerprint. We can use this to verify that the key that the PGP keyservers have is indeed your key. How do you sign a key? First you download the key from a PGP keyserver or use the Debian PGP/GPG keyring. Then you verify that the key is indeed the key of the person you met at the signing-session by verifying the keyID, number of bits and fingerprint. If the key is correct you can sign it. Then you only need to send the new signature back to the PGP keyserver: extract the key you just signed and give it to the keyserver. The server will automatically add the signature to its keyring. The owner of the key can then get the updated public key from the keyservers and merge it with his own keyring and voila! The signing has happened. Wichert. -- ============================================================================== This combination of bytes forms a message written to you by Wichert Akkerman. E-Mail: wakkerma@wi.LeidenUniv.nl WWW: http://www.wi.leidenuniv.nl/~wichert/
Attachment:
pgpy2hxgRF4EH.pgp
Description: PGP signature