Am Montag, 26. Januar 2015, 09:17:24 schrieb Digimer: > On 26/01/15 09:14 AM, Jan Pokorný wrote: > > Hello cluster masters, > > > > On 13/01/15 00:31 -0500, Digimer wrote: > >> Any concerns/comments/suggestions, please speak up ASAP! > > > > I'd like to throw a key-signing party as it will be a perfect > > opportunity to build a web of trust amongst us. > > > > If you haven't incorporated OpenPGP to your communication with the > > world yet, I would recommend at least considering it, even more in > > the post-Snowden era. You can use it to prove authenticity/integrity > > of the data you emit (signing; not just for email as is the case > > with this one, but also for SW releases and more), provide > > privacy/confidentiality of interchanged data (encryption; again, > > typical scenario is a private email, e.g., when you responsibly > > report a vulnerability to the respective maintainers), or both. > > > > In case you have no experience with this technology, there are > > plentiful resources on GnuPG (most renowned FOSS implementation): > > - https://www.gnupg.org/documentation/howtos.en.html > > - > > http://cryptnet.net/fdp/crypto/keysigning_party/en/keysigning_party.html# > > prep> > > (preparation steps for a key-signing party) > > > > - ... > > > > To make the verification process as smooth and as little > > time-consuming as possible, I would stick with a list-based method: > > http://cryptnet.net/fdp/crypto/keysigning_party/en/keysigning_party.html#l > > ist_based and volunteer for a role of a coordinator. > > > > > > What's needed? > > Once you have a key pair (and provided that you are using GnuPG), please > > > > run the following sequence: > > # figure out the key ID for the identity to be verified; > > # IDENTITY is either your associated email address/your name > > # if only single key ID matches, specific key otherwise > > # (you can use "gpg -K" to select a desired ID at the "sec" line) > > KEY=$(gpg --with-colons 'IDENTITY' | grep '^pub' | cut -d: -f5) > > > > # export the public key to a file that is suitable for exchange > > gpg --export -a -- $KEY > $KEY > > > > # verify that you have an expected data to share > > gpg --with-fingerprint -- $KEY > > > > with IDENTITY adjusted as per the instruction above, and send me the > > resulting $KEY file, preferably in a signed (or even encrypted[*]) email > > from an address associated with that very public key of yours. > > > > [*] You can find my public key at public keyservers: > > http://pool.sks-keyservers.net/pks/lookup?op=vindex&search=0x60BCBB4F5CD7F > > 9EF Indeed, the trust in this key should be ephemeral/one-off > > (e.g., using a temporary keyring, not a universal one before we proceed > > with the signing :) > > > > > > Timeline? > > Best if you send me your public keys before 2015-02-02. I will then > > compile a list of the attendees together with their keys and publish > > it at https://people.redhat.com/jpokorny/keysigning/2015-ha/ > > so you can print it out and be ready for the party. > > > > Thanks for your cooperation, looking forward to this side-event and > > hope this will be beneficial to all involved. > > > > > > P.S. There's now an opportunity to visit an exhibition of the Bohemian > > Crown Jewels replicas directly in Brno (sorry, Google Translate only) > > https://translate.google.com/translate?sl=auto&tl=en&js=y&prev=_t&hl=en&ie > > =UTF-8&u=http%3A%2F%2Fwww.letohradekbrno.cz%2F%3Fidm%3D55 > =o, keysigning is a brilliant idea! > > I can put the keys in the plan wiki, too.
What about publishing keys in DNSSEC? Mit freundlichen Grüßen, Michael Schwartzkopff -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64, +49 (162) 165 0044 Franziskanerstraße 15, 81669 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein _______________________________________________ Pacemaker mailing list: Pacemaker@oss.clusterlabs.org http://oss.clusterlabs.org/mailman/listinfo/pacemaker Project Home: http://www.clusterlabs.org Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf Bugs: http://bugs.clusterlabs.org
