E-Mail and File Security With GnuPG

MerriLUG, Nashua, NH -- 15 Mar 2007

For those attending the March 2007 meeting of the Nashua Chapter (MerriLUG) of the Greater New Hampshire Linux User Group (GNHLUG), this is how to participate in the key signing portion of the meeting.

  1. If you have any obsolete user IDs on your keys, revoke the UIDs so that they won't show up in the check lists.

  2. Ensure the keys you're using are available from the public keyservers at subkeys.pgp.net. Please upload them before the meeting if they're not already there.
    A typical command line to do this would be:
    $ gpg --keyserver subkeys.pgp.net --send-key [KeyID]

  3. Send the User ID(s), key ID, and fingerprint of the keys you'd like to have signed to mbrodeur@nexttime.com with the subject "PGP Key for MerriLUG" BEFORE 5PM EDT on Thursday the 15th. You don't need to send the actual key, as I will retrieve it from subkeys.pgp.net anyway.
    If you're feeling geeky, this will work:
    $ gpg --fingerprint [KeyID] | mail -s "PGP Key for MerriLUG" mbrodeur@nexttime.com

  4. Ensure your key appears on the Check Sheet before 5PM on Thursday. Print a copy to bring to the meeting with you.

  5. Bring to the meeting the Check Sheet, a separate verified copy of your key fingerprint, and at least two reliable and recognizable photo IDs. Whether anyone signs you key will depend on how much they trust that you've proven your identity. Examples of good IDs to use would be passports, driver's licenses, or military IDs.

  6. After the meeting, grab the Key Ring (ASCII armored) and sign the keys you've verified. A tool like "CA - fire and forget (caff)" will make this task much easier. caff is available in the "signing-party" package for Debian, "pgp-tools" in Fedora, as well as several other distros.

Presentation Slides