cocoon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Crossley <cross...@apache.org>
Subject Re: [GT 2004] PGP key signing?
Date Fri, 22 Oct 2004 14:46:33 GMT
So how did the key signing go at the GetTogether?

Did you also update the KEYS file in our cocoon SVN?

--David

Dirk-Willem van Gulik wrote:
> Bertrand Delacretaz wrote:
> 
> > I've never organized a signing party, but if everyone comes with
> > several printed copies of their key, with their name on it, I think
> > it's fairly easy to swap them and validate at least the people that we
> > know well.
> 
> Easiest way to do this is:
> 
> Ask people to go to a wiki page:
> 
> 	http://wiki.apache.org/cocoon/CocoonGetTogether2004PGP
> 
> or someting like that.
> 
> Then on that page have something like
> 
> -	Ensure your fingerprint is at a keyserver (See
> 	http://pgp.mit.edu/) for details.
> 
> -	Please add your fingerprint+email to this page; e.g.
> 	the output 'gpg --fingerprint dirkx@apache.org' or
> 	'pgpk -ll dirkx@apache.org'
> 
> 	pub  1024R/EC140B81 1997-04-10 Dirk-Willem van Gulik
> 	<dirkx@apache.org>
> 	Key fingerprint = A5 EC 78 D5 BB DE FE ED  50 55 DA 6D C6 E0 E7 85
> 
> And ask people to do this before the first day of the event. Then at the
> event print out N copies of this page. Then whenever you meet (or you just
> all meet) you each verify with each other that *your* on *their* printout
> is correct. And then 'they' put an OK next to your name.
> 
> Once you get home you can add/sign each of the fingerprints you have made
> a mark against.
> 
> Dw


Mime
View raw message