You are viewing a plain text version of this content. The canonical link for it is here.
Posted to discuss@apachecon.com by Sander Temme <sa...@temme.net> on 2005/07/04 07:49:42 UTC

Announcement: ApacheCon Europe 2005 PGP Keysigning Event

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Dear fellow ApacheCon attendee,

This message only applies to you if you are actually attending  
ApacheCon EU
2005. It is the invitation to participate in the ApacheCon Europe  
2005 PGP
Keysigning Event. If you would like to be a part of this, please e-mail
your public key to me for inclusion in the list.

At the Keysigning Event, you will mutually verify each other's  
identity and
ownership of your PGP public keys. Signing other participants' keys  
based
on this verification allows you to extend your web of trust, and  
perhaps to
encompass the keys that the Apache developers use to sign releases.

The Keysigning Event will take place some time during the ApacheCon
conference. A specific time slot and room will be announced at the
conference.


P R E P A R A T I O N

1) E-mail your PGP key(s) to me at the above address
    <sc...@apache.org> before July 15, 2005.
2) Print out the fingerprint of your PGP key fingerprint. You will
    use this at the event to verify that your entry on the list is
    correct.
3) While you're printing things out, it may be a good idea to make
    some slips with your PGP key ID and fingerprint, the e-mail
    address(es) that hour key is valid for, and perhaps a little
    digital passport photograph. You can give this to other
    conference participants that want to sign your key outside the
    official Keysigning Event.


W H A T  T O  B R I N G

Printouts of the entire key list will be available at the event.

1) Yourself. Note that you have to be physically present at the
    conference in order to participate.
2) The printout of your key.
3) A pen. Or two. Maybe different colors. Go to town.
4) Some form of ID... passport, driver's license, unique pheromone
    pattern, anything that will convince your fellow participants
    of your identity. Note that it is up to each participant's
    judgement whether your ID has been sufficiently verified to sign
    your key.
5) No computer.

No computer? No. Don't bring your computer to the event. No keys are
actually signed at the event. Really paranoid fellow participants will
point to the dangers of shouldersurfing for your private key passphrase,
and the presence of computers at the signing event would interfere  
with the
smooth progress thereof. We all spend too much time with our computers
anyway.

Mail me your key! Today! Hope to see you at ApacheCon!

Regards,

Sander Temme

- --
sander@temme.net              http://www.temme.net/sander/
PGP FP: 51B4 8727 466A 0BC3 69F4  B7B8 B2BE BC40 1529 24AF


-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.0.1 (Build 2185)

iQA/AwUBQsjNwrK+vEAVKSSvEQIVBgCeLcV0m510knfu0B1PFtk4/SWtoXAAoJQI
SsvyxMrVXf1JifCNFfryIQix
=oTK2
-----END PGP SIGNATURE-----