[kwlug-disc] Interested in a presentation about Privacy?

[Kyle Spaans]

On Wed, Apr 28, 2010 at 1:21 AM, unsolicited <unsolicited at swiz.ca> wrote:
> What does any of this have to do with key signing?
>
> - speak both locally (kwlug), and for a really large key signing party. i.e.
> Suppose there was a Southwestern Ontario key signing party - how is this
> sort of thing dealt with at such a venue? Or do venue's that large, by
> definition, not happen?

I don't think that it's a matter of a venue being too large to happen
_by definition_,
but rather "do you want to _trust_ all of those people?" If you're a
newcomer to the
group (be it KWLUG or Southwestern Ontario), you're going to want to somehow
prove your identity to people that are going to sign your key. That could be
government ID (if you don't have anything else to your name), or maybe a fancy
business card (how much do you trust business cards?). But say you're
a developer
or hacker of some kind, you can probably talk-the-talk with other group members
about a specific project, and they'll recognize you as user12345 from online. On
the other hand, maybe you don't care about having other people trust you, and
you just want to find out who this "Kyle Spaans" fellow really is and if you can
trust that messages from "3lucid at gmail.com" are really from him. (N.B.: my
public key is not setup for use with my gmail account, I use it with
my university
email account instead, kspaans at uwaterloo.ca, which I will start using on this
list before Sept.)

The whole identity thing is just a way that people can prove that they are who
they say they are (they may just do this by giving you their public
key in person,
which you can later verify against their signature on a message).