You are viewing a plain text version of this content. The canonical link for it is here.
Posted to discuss@apachecon.com by Sander Temme <sa...@temme.net> on 2005/07/04 07:49:42 UTC
Announcement: ApacheCon Europe 2005 PGP Keysigning Event
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Dear fellow ApacheCon attendee,
This message only applies to you if you are actually attending
ApacheCon EU
2005. It is the invitation to participate in the ApacheCon Europe
2005 PGP
Keysigning Event. If you would like to be a part of this, please e-mail
your public key to me for inclusion in the list.
At the Keysigning Event, you will mutually verify each other's
identity and
ownership of your PGP public keys. Signing other participants' keys
based
on this verification allows you to extend your web of trust, and
perhaps to
encompass the keys that the Apache developers use to sign releases.
The Keysigning Event will take place some time during the ApacheCon
conference. A specific time slot and room will be announced at the
conference.
P R E P A R A T I O N
1) E-mail your PGP key(s) to me at the above address
<sc...@apache.org> before July 15, 2005.
2) Print out the fingerprint of your PGP key fingerprint. You will
use this at the event to verify that your entry on the list is
correct.
3) While you're printing things out, it may be a good idea to make
some slips with your PGP key ID and fingerprint, the e-mail
address(es) that hour key is valid for, and perhaps a little
digital passport photograph. You can give this to other
conference participants that want to sign your key outside the
official Keysigning Event.
W H A T T O B R I N G
Printouts of the entire key list will be available at the event.
1) Yourself. Note that you have to be physically present at the
conference in order to participate.
2) The printout of your key.
3) A pen. Or two. Maybe different colors. Go to town.
4) Some form of ID... passport, driver's license, unique pheromone
pattern, anything that will convince your fellow participants
of your identity. Note that it is up to each participant's
judgement whether your ID has been sufficiently verified to sign
your key.
5) No computer.
No computer? No. Don't bring your computer to the event. No keys are
actually signed at the event. Really paranoid fellow participants will
point to the dangers of shouldersurfing for your private key passphrase,
and the presence of computers at the signing event would interfere
with the
smooth progress thereof. We all spend too much time with our computers
anyway.
Mail me your key! Today! Hope to see you at ApacheCon!
Regards,
Sander Temme
- --
sander@temme.net http://www.temme.net/sander/
PGP FP: 51B4 8727 466A 0BC3 69F4 B7B8 B2BE BC40 1529 24AF
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.0.1 (Build 2185)
iQA/AwUBQsjNwrK+vEAVKSSvEQIVBgCeLcV0m510knfu0B1PFtk4/SWtoXAAoJQI
SsvyxMrVXf1JifCNFfryIQix
=oTK2
-----END PGP SIGNATURE-----