On Wed, May 25, 2016 at 04:11:36PM +0200, Johannes Segitz wrote:
- I'll compose a file with all the signatures,
further instructions and send
a signed version around three days before the event
Please find attached the file you'll need to participate. You can check it
# gpg --verify keylist.txt.asc keylist.txt
Here's what you have to do with this file:
(0) Verify that the key-id and the fingerprint of your key(s) on this list
match with your expectation.
(1) Print this UTF-8 encoded file to paper.
Use e.g. paps(1) from http://paps.sf.net/
(2) Compute this file's RIPEMD160 and SHA256 checksums.
gpg --print-md RIPEMD160 keylist.txt
gpg --print-md SHA256 keylist.txt
(3) Fill in the hash values on the printout.
(4) Bring the printout, a pen, and proof of identity to the keysigning event.
You may find it useful to make a badge stating the number(s) of your key(s)
on this list and the fact that you verified the fingerprints of your own
key(s). Also provide a place to mark that your hashes match.
| I am number 001 |
| My key-id & fingerprint: ☑ |
| The hashes: ☐ |
Be on time (2016-06-24 14:00 in the Hacker Room) to actually verify the
hashes as they are announced!
Usually I shouldn't publish the hash values before the event to prevent
people from just taking them from this mail and not computing them
themselves. But we had some problems last year with mail clients mangling
the attachments, which lead to non-matching hash values. So I'll publish
the beginning of the RIPEMD160 hash:
keylist.txt: A0AC F9EF DD99 97BC 484D (...)
If you don't have that for keylist.txt, then your mail client screwed up.
Regarding proof of identity: During our last keysigning party we had some
ID documents that were quite old (so you used to be quite the heavy metal
guy 20 years ago, but now broken by life and without hair it's hard to
recognize you), hard to read etc. In such a case it doesn't hurt to bring
additional documents, otherwise more security conscious people might not
sign you key.
Looking forward to seeing you there,
GPG Key E7C81FA0 EE16 6BCE AD56 E034 BFB3 3ADD 7BF7 29D5 E7C8 1FA0
Subkey fingerprint: 250F 43F5 F7CE 6F1E 9C59 4F95 BC27 DD9D 2CC4 FD66
SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton
HRB 21284 (AG Nürnberg)