Hi, I was just wondering if there was any interest in arranging a PGP key signing party in conjunction with the upcoming RIPE meeting. Hopefully this time we could get interest from more than 2-3 persons, as this query goes out at least one working day before the meeting ;-) I realize that the RIPE agenda is already quite full, and admit that I've not been in touch with the RIPE NCC about fitting a PGP key signing session into the schedule. Nevertheless I am willing to volunteer to collect the public keys and arrange the key signing party if there is more than a handfull of interested persons. I would tentatively suggest that we schedule the key signing party for "after 18:00 tuesday 21st". I hereby invite you to vote with your feet whether there should be such a key signing session. The procedure I'd like to suggest is as follows: o People who wish to have their public keys signed should send an ASCII extract (typically obtained with the command "pgp -kxa") of their PGP public key (minimally signed by yourself) to me (Havard.Eidnes@runit.sintef.no) before noon tuesday. Please use a subject line kontaining the string PGP-KEY. o After noon tuesday I will collect all the public keys in a public key ring and make it available with anonymous FTP from ftp://trane.uninett.no/tmp/ripe26-keys.pgp You need to fetch this keyring and incorporate the public keys therein into your own public keyring in order to sign the keys. o Come prepared for the session with a printout of your PGP key fingerprint of your public key (typcailly obtained with the command "pgp -kvc"). I will have handouts with all of the key fingerprints of the keys that people have mailed in. o The key signing party is actually a key verification session where a person at the front of the room (me?) reads the details of the key for each person (key ID, e-mail address and fingerprint), and these should be verified by the person owning the public key being verified. o Later, perhaps when you come home you can sign the keys you are comfortable signing; typically this will be the keys where you are certain that the person owning the key is who he claims to be. These signed keys can then be sent back to the owner of the key or to one of the public PGP key servers. Note that you do not need to have a laptop with you, only a printout of your public key details (at a minimum the fingerprint) which you have obtained directly, i.e. not via the handout at the meeting, and you can make notes on the handout and do the actual signing of the public keys later. If you need more information on PGP, please consult e.g. the International PGP home page at http://www.ifi.uio.no/pgp/ or any of its mirrors. If there are less than 6 people sending in their keys the key signing session will be cancelled. Regards, - Håvard