Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

NANOG 32 PGP key signing announcement

  • From: John Kristoff
  • Date: Fri Oct 15 10:54:50 2004

For those that have added your PGP key to the keyring at biglumber,
thank you.  If you have not yet submitted your key, please do so,
and know that you can safely ignore the remainder of this message.

At NANOG 32 we will be trying out a new, hopefully greatly improved
method for signing keys for those who have submitted their key in
advance.  It is our hope that this will greatly expedite the signing
process in order to minimize time away from any beer BoF.

To partake in this new process, you must do the following:

1. Download the early submission NANOG 32 key list from here:

   <http://aharp.ittns.northwestern.edu/tmp/nanog32-earlykeys>

2. Verify the MD5 and SHA-1 message digest for the above file.  Your
   calculation of those values should be as follows:

        MD5: b008f14388cb2abbf1c695808a40b1eb
      SHA-1: 22737af62b1278590074bdabebb0b3d9f57d53b0

3. Bring a hard copy of the key list and your calculated message digest
   values with  you to the keysigning event on Monday night.

The file above is a snapshot from the keyring on biglumber at UTC 14:00,
Friday, October 15.  There were a total of 27 keys on the keyring at
that time.

After a brief PGP introduction Monday night, I'll read aloud the
message digest values for the file in the link above (they should
match the values in this message shown above).  Each participant in
the early key list simply has to confirm or deny that the fingerprint
from the file is indeed their's.  For those in this group, there is
no need to read aloud your entire fingerprint.

Of course, you still need to go around and verify identities as we've
always done.  This is done according to your own policy, but it is
recommended that you have at least two trustworthy forms of picture
identification (e.g. driver's license and passport).

Additionally I will bring the hard copies of the key list, as of 6:00
p.m., local event time, to the keysigning event.  This will include
all keys, including those submitted after UTC 14:00, Friday, October
15.  Signing keys between early and later submission groups will occur
in the traditional fashion.

If you have any trouble obtaining the key list, verifying the message
digest values above or even have general questions about the process
feel free to shoot me an email off list.

References:

NANOG 32 PGP key signing event page
<http://www.nanog.org/pgp.html>

NANOG 32 keyring
<https://www.biglumber.com/x/web?keyring=7840>

Efficient Group Key Signing Method
<http://sion.quickie.net/keysigning.txt>

GnuPG Keysigning Party HOWTO
<http://www.cryptnet.net/fdp/crypto/gpg-party.html>

John  




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.