Keysigning: Difference between revisions

Revision as of 22:21, 10 September 2009

You have a private key and a public key, which you generate (your keypair).
People use your public key to send you encrypted messages that only you can open via the magic of crypto!
You decrypt these messages with your private key, which only you have access to.
But first, you must share your public key, either directly or by uploading it to a keyserver.
If it's on a keyserver, they must download it from the keyserver.
If it was a file, they can import it manually.
Now they can sign the key and send the key back to the keyserver.
But before anyone signs anyone elses key they have to make sure that person actually owns that key (checking physical ID).
Now people can see that you believe that key to be valid, which improves the chances of it being a valid key! (web of trust)
Now you're all set, but you also want to...
- Generate a revokation certificate in case you lose your passphrase or your key is comprimised!

For the keysigning party on Thurs 9/10 we will use the pgp.mit.edu keyserver
I will pass around copies of signatures so you can check people off as you confirm their identity
I recommend using a valid state photo ID as a minimum validation. It is up to your personal "keysigning policy."

@@ Line 19: / Line 19: @@
 * I recommend using a valid state photo ID as a minimum validation. It is up to your personal "keysigning policy."
-Links:
+== Links ==
 * [http://commandline.org.uk/command-line/ten-steps-for-attending-a-keysigning-party/ Keysigning commands]
 * [http://www.cryptnet.net/fdp/crypto/keysigning_party/en/keysigning_party.html#overview Keysigning HOWTO]