[kwlug-disc] Interested in a presentation about Privacy?

Bob Jonkman bjonkman at sobac.com
Tue Apr 27 00:25:31 EDT 2010


Here is some interim info on key signing party protocols.  First, my 
trustry searchbots found a couple of references to previous 
conversations we've had on the topic:

   
http://astoria.ccjclearline.com/pipermail/kwlug-disc_kwlug.org/2009-February/000545.html

At the end of that thread I chime in with a link to another group's 
instructions based on the IETF BoF protocol:

   http://dl.central.org/dl/ietf-pgp/ietf72/announce-72

But it's not the original IETF instructions. -- it seems fairly 
dog-breakfasty. If I can't find the original instructions I'll rewrite 
these with local KWLUG characters and settings.  Tomorrow.


I also found an earlier thread from 2006, in which we had a similar 
discussion.  Sadly, I cannot find the archives prior to December 2008 at 
http://listserv.ccjclearline.com/pipermail/kwlug-disc/ If there is 
sufficient interest and/or curiosity I can repost my half of that 
discussion.

--Bob.



Earlier I wrote:
> Using government issued documentation to verify identity defeats the 
> purpose of creating a "Web of Trust" that isn't dependent on a central 
> authority figure.
>
> I have keysigning procedures from an IETF BoF gathering from many 
> years ago; I'll set the search bots in motion and post something later 
> tonight.  The IETF procedure requires only recognizance by people who 
> actually know each other, we don't need no steenkin' gov...  um, there 
> is no reliance on a hierarchical certificate authority.  There is a 
> good bit of preparation required tho, so polish up your keys in 
> anticipation.
>
> --Bob.
>
>
> On Sun, Apr 25, 2010 at 17:14, Kyle Spaans <3lucid at gmail.com> wrote:
>>> (As a side note, this might be a good chance to arrange a PGP
>>> Key Signing party? I've had a key for a while now but haven't done
>>> any of the "web of trust" stuff it yet -- I'll certainly talk about 
>>> this
>>> aspect of using the PGP system.)
>> Are we going to verify identity before we sign keys? How?
>> Government-issued ID? I think that would be a fun stipulation to
>> piggy-back on a talk about privacy... :)
>>

Bob Jonkman<bjonkman at sobac.com>          http://sobac.com/sobac/
SOBAC Microcomputer Services              Voice: +1-519-669-0388
6 James Street, Elmira ON  Canada  N3B 1L5  Cel: +1-519-635-9413
Software   ---   Office&  Business Automation   ---   Consulting







More information about the kwlug-disc mailing list