On Sat, Jul 14, 2012 at 11:04:48PM +0100, richard.lee.parsons@gmail.com wrote:
Thanks Steve for the report.
On Fri, Jul 13, 2012 at 04:56:44PM +0100, Steve Engledow wrote:
On a suggestion from rlp10, last night ended up being somewhat of a PGP key-signing party. All of us around the table (there were 6 of us) - plus one passer-by that I happened to know - had PGP (or rather GPG) keys so, over the course of the night, we managed to each sign eachothers keys. There was even provision of ID and encrypted emails sent to verify identity and key ownership. A fairly textbook key-signing I'd say.
Are there other list members who use GPG? It would be good to extend the web of trust beyond the regular pub attenders.
If you're going to do key-signing can you all update to "strong" keys please (ie something that's at least 2048 bits in size and uses a hash from the SHA-2 family; there are quite a few 1024D/SHA-1 keys in use it seems). If you're not sure how to generate one the instructions at:
http://keyring.debian.org/creating-key.html
might be helpful.
(In the event I turn up to an ALUG at some point I'm happy to cross sign with people but don't hold your breath on that.)
J.