FISL10 Keysigning Party
[ Deadline for sending keys has passed. Get the files for the party and come prepared. ]
With the discovery that SHA-1 attacks can be made effective in a short timeframe, and in order to reinforce the Web of Trust, an OpenPGP keysigning party will take place during the last day of the 10th International Free Software Forum. This party will follow the Zimmermann-Sassaman Projected Protocol, aiming at maximum agility. In summary, to participate you must:
- Send your key to keyserver ksp.softwarelivre.org until 21-Jun-2009 (Note: this is a send-only server):
bash$ gpg --keyserver ksp.softwarelivre.org --send-keys KeyID
gpg: sending key KeyID to hkp server ksp.softwarelivre.org
bash$
- Check if the server got your key by trying to send it again (you must get an error type 409):
bash$ gpg --keyserver ksp.softwarelivre.org --send-keys KeyID
gpg: sending key KeyID to hkp server ksp.softwarelivre.org
gpgkeys: HTTP post error 22: url returned error 409
gpg: keyserver internal error
gpg: keyserver send failed: keyserver error
bash$
- Wait for the keylist to be published here, along with the hashes.
- Print the list and calculate its hashes yourself, marking the appropriate spot if they match.
- Bring to the party two photo IDs (at least one of them issued by a governmental entity), a copy of your key fingerprint, the list you printed yourself, and a pen.
Old keys
This will be a generic party. As such, old keys (DSA 1024, with SHA-1) will be accepted without problems. However, we strongly advise generating new, stronger keys, taking full advantage of this party's potential to improve the Web of Trust infrastructure, given that attacks on SHA-1 were just made easier.
If you hold old keys, please consider taking the appropriate steps to replace them with stronger ones. If you do not yet hold an OpenPGP key and intend to generate a pair to participate in this party, take this opportunity to generate strong keys (at least RSA 2048, SHA256; check Key Length Site for a discussion on the length of the keys). The previous reference shows how to configure GnuPG to generate and keep keys like this (check here for a Mini-Howto on the issue).
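To find which keys in a keyring fall under the "old keys" description above, the following added example (not part of the original announcement) reads a GnuPG colon listing and reports primary keys shorter than the advised 2048 bits. The function names weak_keys and sample_listing, the 2048-bit default threshold and the sample listing are assumptions made for illustration; the KeyIDs and names are constructed.

```shell
#!/bin/sh
# Added example: flag primary keys weaker than the page's advice (RSA 2048).
# Input: GnuPG colon listing on stdin, e.g.  gpg --with-colons --list-keys
# Colon fields used: 1=record type, 3=key length, 4=pubkey algorithm, 5=KeyID.
# Algorithm ids (RFC 4880): 1=RSA, 16=Elgamal, 17=DSA.
weak_keys() {
    min_bits="${1:-2048}"   # assumption: default taken from "at least RSA 2048"
    awk -F: -v min="$min_bits" '
        BEGIN { name[1] = "RSA"; name[16] = "ELG"; name[17] = "DSA" }
        # Only primary keys ("pub") of the three listed algorithms are
        # size-checked; subkeys and other algorithms are ignored.
        $1 == "pub" && ($4 in name) && ($3 + 0) < min {
            printf "%s %s%s weak\n", $5, name[$4], $3
        }
    '
}

# Constructed sample listing (KeyIDs and names are made up).
sample_listing() {
    cat <<'EOF'
tru::1:1245000000:0:3:1:5
pub:u:1024:17:AAAAAAAAAAAAAAAA:2003-05-01:::u:Old Key <old@example.org>::scESC:
sub:u:2048:16:BBBBBBBBBBBBBBBB:2003-05-01::::::e:
pub:u:4096:1:CCCCCCCCCCCCCCCC:2009-06-01:::u:New Key <new@example.org>::scESC:
sub:u:4096:1:DDDDDDDDDDDDDDDD:2009-06-01::::::e:
pub:u:1024:1:EEEEEEEEEEEEEEEE:2001-01-01:::u:Short RSA <short@example.org>::scESC:
EOF
}

# Run against the sample; on a real keyring use:
#   gpg --with-colons --list-keys | weak_keys
sample_listing | weak_keys
```

The check covers key size only; it does not inspect which digest algorithm a key's signatures use.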
More information
Check the keysigning party coordination webpage for more information.


































































