Once again, we will be holding a PGP Key signing party at the IETF
meeting in Washington, D.C.
We have been scheduled to meet at 10:30pm on the evening of Wednesday,
November, 10, 1999 in the Hampton Room.
The procedure we will use is the following:
o People who wish to participate should email an ASCII extract of their
PGP public key to <[EMAIL PROTECTED]> by midnight on *Monday* of the week
of the IETF meeting. Please include a subject line of "IETF PGP
KEY".
Sending your key to me before the IETF meeting is appreciated, since
it reduces the number of keys that I have to collect during the
meeting. (In fact, why don't you send me your key right now if you
know will be attending, so you won't forget?)
o By 6pm on Wednesday, you will be able to ftp a complete key ring
from tsx-11.mit.edu with all of the keys that were submitted; it will
be available at these URL's:
http://web.mit.edu/tytso/www/ietf2.pgp
http://web.mit.edu/tytso/www/ietf5.pgp
(For PGP 2.x and PGP 5.x, respectively; the PGP 5.x keyring will
be a superset of the PGP 2.x keyring.)
o At 10:30pm, come prepared with the PGP Key fingerprint of your PGP
public key; we will have handouts with all of the key fingerprints of
the keys that people have mailed in.
o In turn, readers at the front of the room will recite people's keys;
as your key fingerprint is read, stand up, and at the end of reading
of your PGP key fingerprint, acknowledge that the fingerprint as read
was correct.
o Later that evening, or perhaps when you get home, you can sign the
keys corresponding to the fingerprints which you were able to verify
on the handout; note that it is advisable that you only sign keys of
people when you have personal knowledge that the person who stood up
during the reading of his/her fingerprint really is the person which
he/she claimed to be.
o Submit the keys you have signed to the PGP keyservers. A good one to
use is the one at MIT: simply send mail containing the ascii armored
version of your PGP public key to <[EMAIL PROTECTED]>.
Note that you don't have to have a laptop with you; if you don't have
any locally trusted computing resources during the key signing party,
you can make notes on the handout, and then take the handout home and
sign the keys later.
- Ted
