Hi everyone, I want to organize a key signing party for anyone interested. If you can
reply to me with your key type, HEX fingerprint, and key size, I'll happily add you
to our list and print the list for all participants. The current plan is to organize and
verify identities near the time and place of the candy swap. I'll provide more
specific details as they become available.
Here is an example of what we are looking to receive before the key signing party:
HEX Fingerprint, key type, key size
davdunc(a)amazon.com,3760CF72691F31E2DCE9F260AC72DA7B40B20EFF, rsa, 3072
If you would like instructions on how to create a gpg key:
https://docs.fedoraproject.org/en-US/quick-docs/create-gpg-keys/
For the party, bring:
1. Physical attendance (yourself)
2. Positive picture ID
3. A pen/pencil or whatever you'd like to write with.
4. NO computer
Upload the key to the
https://keys.openpgp.org/ if you haven't already. We'll use
this for the official keyserver for the party as it is the only one with mitigations in
place for poisoned signatures.
If you like, you can check your key and the keys in your signature for signature
poisoning:
https://tech.michaelaltfield.net/2019/07/14/mitigating-poisoned-pgp-certi... and if
you find one, I hope you will share your story.