[sclug] Key signing

[Simon Heywood]

As indicated last month, it's probably worthwhile making key signing
part of the monthly meeting. If you want to take part then bring a copy
(or copies) of your key fingerprint and some (Government issued)
photographic ID, e.g. driving licence or passport.

Here's a summary of the procedure if you're unfamiliar with it.

1. If you don't have one already, create a key ('gpg --gen-key'). Opt
for a DSA and ElGamal key and pick a strong passphrase. I'd recommend
creating a 2048 bit key, although the default is 1024.

2. Upload the public key to a key server. This can be done by putting
'keyserver wwwkeys.uk.pgp.net' in the ~/.gnupg/options file and running
'gpg --send-keys <keyid>', where the key ID is the eight digit hex.
number (mine is 7D6AA912, for example).

3. Bring a copy of the key fingerprint with you for verification.
There's a script[1] which prints out a page full for cutting up and
handing out during key signing sessions.

4. We'll tell you the rest. :-) Alternatively, read the comprehensive
(if somewhat paranoid) HOWTO[2]. The man page for gnupg is also
worthwhile browsing through.

S.

[1] http://www.trilug.org/~jeremy/gpg-key2ps
[2] http://www.cryptnet.net/fdp/crypto/gpg-party.html