Hi all,
Sorry I can't reply to the message Ben just sent, since I only just
subscribed to the list. I'm going to kick off a discussion on Thursday
about PGP (Pretty Good Privacy -- i.e., the public key signing and
encryption system). I thought it would be useful to have a key signing
party at the same time. I've personally got just three signatures on
my key so it would be good to get some more.
If you have a PGP private key, please bring along your key fingerprint
to give to others. Maybe print a few copies to hand out (Ben has them
on his business card, which is what started this topic in the first
place) and/or bring some paper to write down other peoples'. Also
bring some ID such as a drivers' license -- technically nobody should
sign your key unless they see some ID.
To do this, just type
gpg --fingerprint <your name>
For example, I typed:
$ gpg --fingerprint Matt
pub 2048R/17CD4540 2010-07-28 [expires: 2012-07-27]
Key fingerprint = D72A 85CC E446 FBA5 99E5 C2B1 F50F BA8E 17CD 4540
uid Matt Giuca
uid Matt Giuca
sub 2048R/204479B7 2010-07-28 [expires: 2012-07-27]
Write down the 40 digit string after "Key fingerprint" and bring it along.
Note: That's just an example. You shouldn't trust that the above
string is actually my fingerprint until you see me in person (that's
the whole point of PGP).
If you don't have a private key, maybe now is a good time to get one.
Install GnuPG (http://www.gnupg.org/) and then type:
gpg --gen-key
and follow the prompts. The default settings should be fine. Use your
real name (that appears on your driver's license) and a valid email
address that you control. Make sure you pick a strong password which
you haven't used elsewhere, and remember it. Afterwards, the contents
of your ~/.gnupg directory should be considered sensitive (although
nobody will be able to impersonate you unless they guess your secret
password as well). Then, upload your key to a keyserver:
gpg --list-keys
Find your key in the list. Your key ID is the part after the slash.
For me, this shows:
pub 2048R/17CD4540 2010-07-28 [expires: 2012-07-27]
uid Matt Giuca
uid Matt Giuca
sub 2048R/204479B7 2010-07-28 [expires: 2012-07-27]
So my key ID is 17CD4540.
gpg --keyserver keyserver.ubuntu.com --send-keys <your-key-id>
That's just an example keyserver. You can choose any one you like, and
they should all eventually synchronise your key.
Hope to see you on Thursday.
Matt Giuca
0x17CD4540