[Cialug] GNUPG Key Signing Party at the next meeting?

Sat, 28 May 2005 00:45:35 -0400

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Darcy Baston wrote:
> Mine is submitted to hkp://subkeys.pgp.net.
> 
> I imported your public key and it's verifying correctly now. Thanks! 
> I'm a little new at gnupg and thought that when someone signs a 
> message, it can be verified through a server of some kind. I guess it 
> has to have been submitted first or added manually like you suggested.
> 
> db

Cool.  Likewise, I did not have that key server in my list.  Once I
added it, Enigmail automatically found your key and added it to my
keyring.  Interestingly, it automatically marked the key as "untrusted"
because it came from the key server (this is a Good Thing).  Once we
verify keys at a key signing party (or by fingerprint, or some other
method), then I can update its trust status.  Pretty cool integration.

I have read a lot about PGP/GNUPG, but I'm fairly new to it myself.  I
have probably only sent about 10 or so signed and/or encrypted messages
total.  Until Enigmail, it was a bit of a hassle to prep the messages
for sending.  I have used other plug-ins and utilities that made it
easier, but Enigmail is IMHO one step closer to making public key
signing and encryption ubiquitous.

I know it is a pain in the arse, but for now I'm not going to put my key
on a key server.  Sorry, I guess I'm just a little bit paranoid.

- --
Tired programmer
Coding late into the night
The core dump follows

My GNUPG public key is available at http://www.kristau.net/public_key.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFCl/dubGjFn9jPMCgRAqGMAJ0S7uU0iRSCcUgUCH9S+e2q5xcVgACdHkjd
zocweUg5M+J/APwrJQjS8E0=
=36Yr
-----END PGP SIGNATURE-----