On Mon, 2008-01-07 at 17:14 -0600, Matt Domsch wrote:
At the keysigning, I'll read these values. Everyone confirms they match, therefore we know your key as listed in the keyring is what everyone expects it to be. Then we each, in order, show our IDs for everyone to validate, and then each person can decide if they want to sign that person's key.
After the keysigning, you can use a tool like caff from the pgp-tools package to sign each person's key and mail it to them.
If I may be so bold, last time we did this, a very small proportion of attendees actually sent around signed keys. Or did they just not want to sign mine? :-) If you've got a laptop and install pgp-tools on it, you can run through the signing routine at least once in the room so we can clear up any confusion that might prevent propagating the "web of trust."