This Blog Is Not For Reading

A blog, just like any blog, only more so

  • Subscribe

  • Categories

  • RSS Bob Jonkman’s Microblog

    • bobjonkman repeated a notice by clacke 13 November 2021
      RT @clacke I think everyone should learn at least a little bit of computer programming, so they can learn to hate computers at deeper level."Give a man a program, frustrate him for a day. Teach a man to program, frustrate him for a lifetime."twitit.gq/ddzwiedziu/status/14…
    • Favorite 13 November 2021
      bobjonkman favorited something by clacke: I think everyone should learn at least a little bit of computer programming, so they can learn to hate computers at deeper level."Give a man a program, frustrate him for a day.Teach a man to program, frustrate him for a lifetime."twitit.gq/ddzwiedziu/status/14…
    • New note by bobjonkman 8 November 2021
      Some of us still do that - make the content the most important thing on the page, rather than the chrome and the flash and the bling...
    • bobjonkman repeated a notice by lxo 8 November 2021
      RT @lxo remember when web site designers worked really hard to cut down the amount of nonsense on the web page so it would spend fewer server, network and client resources, and would load faster? those were the days. that was before surveillance capitalism took hold, I suppose.
    • Favorite 8 November 2021
      bobjonkman favorited something by lxo: remember when web site designers worked really hard to cut down the amount of nonsense on the web page so it would spend fewer server, network and client resources, and would load faster? those were the days. that was before surveillance capitalism took hold, I suppose.
    • Favorite 2 November 2021
      bobjonkman favorited something by lnxw48a1: "htyps" is the secure typos protocol. This should have been "https" instead.
    • bobjonkman repeated a notice by lnxw48a1 2 November 2021
      RT @lnxw48a1 "htyps" is the secure typos protocol. This should have been "https" instead.
    • New note by bobjonkman 28 October 2021
      Me too! I've been reading things for radio broadcast, but I have no idea what I'm saying... Concentrating too hard on reading ahead of what I'm speaking so I can do the intonation right...
    • bobjonkman repeated a notice by lxo 28 October 2021
      RT @lxo funny thing, when I read stuff aloud, it's like DMA, it doesn't go through the CPU, and I can't recall what I've heard. I only retain what I read if I read it quietly
    • Favorite 28 October 2021
      bobjonkman favorited something by lxo: funny thing, when I read stuff aloud, it's like DMA, it doesn't go through the CPU, and I can't recall what I've heard. I only retain what I read if I read it quietly

Preparing for the Keysigning Cryptoparty, 2 Dec 2013

Posted by Bob Jonkman on 24th November 2013

Key Pair

Cryptoparty like it’s 31 December 1983!

At the next KWLUG meeting on Monday, 2 December 2013 I’ll be demonstrating how to do e-mail encryption with Thunderbird and Enigmail. If you’ve never used e-mail encryption before then bring a laptop, and we’ll create keys and learn how to use them. We’ll save the lesson with pointy sticks for another day.

For those people who already have GnuPG/PGP keys I’m also hosting a Formal Keysigning. Participants will introduce themselves, read their GnuPG key fingerprint, then anyone else is invited to vouch for that person:

Bob: “I’m Bob Jonkman, and my GnuPG fingerprint is 04F7 742B 8F54 C40A E115 26C2 B912 89B0 D2CC E5EA”

Andrew: “I’ve known Bob since the early days, and that’s really him”

This is a great way to expand your Web Of Trust to include people whose keys you might not otherwise sign (because you don’t know them very well, or they only have ID issued by an authority you don’t like). With all these introductions and vouchings the chance of someone misrepresenting their identity is vanishingly small, so you can trust that the key fingerprint they read is really associated with that person.

To make this process go smoothly I’d like to have a printout of all the participants’ keyIDs, UserIDs, and key fingerprints, which I’ll distribute at the keysigning. That way you can just check off each name/keyID/fingerprint as people read them, and then sign their keys later at your leisure. But to get that printout I’ll need the public key of anyone who would like to participate in the keysigning.

If you’re using Thunderbird and Enigmail then open the Key Management window, right-click on your key and select “Send Public Keys by E-mail”, and send it to me ( bjonkman@sobac.com )

If you’re a command-line weenie then use

gpg --export 0xYOURKEYID > 0xYOURKEYID-public-key-for-YOURNAME.pgp

and send that file 0xYOURKEYID-public-key-for-YOURNAME.pgp to me (substitute your actual keyID and actual name as needed).

Of course, I’d prefer signed, encrypted e-mail, but public keys are public (so encryption isn’t necessary), and public keys should already be self-signed anyway.

Unfortunately, if you’re creating your keys for the first time at the meeting you won’t be able to send me anything now. You can still participate in the vouching process, and we’ll have an informal keysigning after the formal keysigning, where all you need to do is read your fingerprint straight from your computer and those people who already know you can sign your key.

I’m still working on the procedures for the formal keysigning; you can see the work in progress (and contribute!) on the Formal Keysigning page on the Wiki.

Thanx, and hope to see you on Monday, 2 December 2013!

–Bob, who is the Keymaster. Who will be the Gatekeeper?

The Cryptoparty keypair logo from the Cryptoparty Artwork repository on GitHub is available in the CC0Public Domain.

Tags: , , , , , , , , , , , , , , , , , ,
Posted in Crypto, email, KWLUG, PGP/GPG, privacy | Comments Off on Preparing for the Keysigning Cryptoparty, 2 Dec 2013

 
Better Tag Cloud