9:58 a.m.
Hi everyone, I want to organize a key signing party for anyone
interested. If you can
reply to me with your key type, HEX fingerprint, and key size, I'll happily add you
to our list and print the list for all participants. The current plan is to organize and
verify identities near the time and place of the candy swap. I'll provide more
specific details as they become available.
Time will be 20:30 on Thursday the 8th. I will add the location when it is clear, but for
now, we will plan to meet just outside the same location as the candy swap. I'll make
a sign to make it easy to locate.
>
> Here is an example of what we are looking to receive before the key signing party:
> HEX Fingerprint, key type, key size
> davdunc(a)amazon.com,3760CF72691F31E2DCE9F260AC72DA7B40B20EFF, rsa, 3072
>
> If you would like instructions on how to create a gpg key:
> https://docs.fedoraproject.org/en-US/quick-docs/create-gpg-keys/
>
>
> For the party, bring:
> 1. Physical attendance (yourself)
> 2. Positive picture ID
> 3. A pen/pencil or whatever you'd like to write with.
> 4. NO computer
>
> Upload the key to the https://keys.openpgp.org/ if you haven't already. We'll
use
> this for the official keyserver for the party as it is the only one with mitigations
in
> place for poisoned signatures.
>
> If you like, you can check your key and the keys in your signature for signature
> poisoning:
> https://tech.michaelaltfield.net/2019/07/14/mitigating-poisoned-pgp-certi... and if
> you find one, I hope you will share your story.