[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Octconf Key Signing Party

From: Mike Miller
Subject: Re: Octconf Key Signing Party
Date: Wed, 27 Aug 2014 10:10:03 -0700
User-agent: Mutt/1.5.23 (2014-03-12)

On Wed, Aug 27, 2014 at 11:30:05 -0400, John W. Eaton wrote:
> On 08/27/2014 11:01 AM, Rik wrote:
> >I have PGP keys that could be signed, but two is still not quite a
> >party.  If we get a few more yesses then I think we should add it.

Even if there are not enough to warrant a "party", I would still be
interested in doing a one-on-one key exchange with whoever wants to.
Fewer people means it only takes a minute or two :)

> I'd join in, but first I think I should generate a new key(?) because the
> last time I took my current key to a key signing party, people were telling
> me that they wouldn't sign 1024D keys.

Yes, that would be a good idea. The Debian keyring team keeps a good
tutorial for creating stronger 4096R keys and SHA-2 signatures:


You can then sign your new key with your old key, so for those who do
trust your old 1024D key, there is a trust path to your new key. I would
probably not sign the old key with the new key, however.

On Wed, Aug 27, 2014 at 17:19:52 +0200, Juan Pablo Carbajal wrote:
| That's a cool idea! I am sorry I can't go to Octconf...anyway of extending
| the party over the net?

Unfortunately not. Doing it in person permits me to verify that you are
in fact a real person who claims to control a particular key and that
you are in fact the individual that you say you are, typically by way of
a government-issued passport or other photo ID.

Good questions, keep them coming, I am happy to answer, and happy to see
there is some small interest so far :)


Attachment: signature.asc
Description: Digital signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]