On Sun, Jun 24, 2018 at 1:05 PM, Gunnar Wolf <gw...@gwolf.org> wrote: > DebConf18: Call for keys for keysigning in Hsinchu, Taiwan > > As part of the Debian Conference (DebConf18) that will be held in > Hsinchu, Taiwan, there will be OpenPGP (pgp/gpg) keysignings. If you > intend to participate in the DebConf18 keysignings, please send your > ascii armored public key as explained at [0] no later than 23:59 > UTC/GMT/Zulu on Sunday 22 July 2018. I'll start processing keys after > a day or two. > > More (and up-to-date) information is available at [0], so keep > watching it. > > [0] http://people.debian.org/~gwolf/ksp-dc18/ksp-dc18.html > > If you have questions please send them to the mailing list at > debconf-disc...@lists.debconf.org. If you don't want to post to the > mailing list, send your questions to d...@debian.org, gw...@debian.org > and nood...@debian.org.
Thanks for organizing this keysigning event, every year! However, I find the guide a bit outdated. - It mentions "OpenPGP Best Practices", but the document declare itself outdated, which was written for GnuPG 1.4. [0] The updated document, which is for GnuPG 2.1, is still on-going status[1]. I think many of us have already migrated to GnuPG 2.1, which is default since Stretch. so it's worth being noted this. - It recommends hopenpgp-tools for key checking, but it cannot work well with GnuPG 2.1 [2]. - If user don't configure a working MTA, it's hard to send out the email. Especially for new contributor. There're many reasons not to set up a working MTA. I know it's possible to setup exim4 as smarthost [3], but .. personally, I don't like to be flooded by notice, such as cron job of my own machine everyday. And I don't like my gmail credential being saved as plain text in system. So what I recommend is using msmtp, which already works well with caff [4][5]. In this way, the gmail credential can be saved as encrypted file by GPG, and got decrypted on-the-fly when you send email [6]. After set msmtp up, we can use almost the same command as sendmail, just replace sendmail with msmtp: ==== (echo -e "To: gw...@debian.org\nFrom: Your Full Name <n...@example.org>\nBcc: n...@example.org\nSubject: KeySigning Party @ DebConf18\n"; gpg --armor --export-options export-clean,export-minimal --export 0xfedcba9876543210 0x0123456789abcdef | gpg --local-user 0xfedcba9876543210 --clearsign --local-user 0x0123456789abcdef --clearsign) | msmtp -t ==== Maybe we can discuss how to improve this during my stay in DebCamp / DebConf. See you around! [0] https://riseup.net/en/security/message-security/openpgp/best-practices#how-to-use-this-guide [1] https://github.com/riseupnet/riseup_help/issues/451 [2] https://bugs.debian.org/868769 [3] https://wiki.debian.org/GmailAndExim4 [4] https://wiki.debian.org/caff#Requirements [5] https://wiki.debian.org/caff/msmtp [6] https://wiki.debian.org/msmtp Cheers, -- Roger Shimizu, GMT +9 Tokyo PGP/GPG: 4096R/6C6ACD6417B3ACB1
