
PGP Key Signing Party Procedures
1. If you haven't already done so, download PGP
from MIT's website http://web.mit.edu/network/pgp.html and follow the instructions
to create your public/private keypair. We recommend a key length of 2048
bits. [If you've already created one at 1024 bits, don't worry about it.
It's probably going to be sufficient for years to come. But 512 is just
too short nowadays.]
2. Please RSVP to security@isc.upenn.edu including your public
key and PGP fingerprint in email no later than two working days prior to the
key signing party.
Windows Instructions: To send your public key to us in
email, launch PGP Keys (On Windows, Start->Programs->PGP->PGPKeys).
Scroll down in the PGPKeys window to your keypair. Right click on your
key, and then drag to Copy. Go to email and paste your public key
into your email message. Go back to PGPKeys and right click on your public
key, then click on Key Properties. Be sure that the "Hexadecimal"
box is clicked in the "Fingerprint" section. Cut and paste your Hexadecimal
fingerprint from PGPKeys into your email message. (We're not especially
partial to hex -- it's just that the GUI doesn't seem to give you an easy way
to cut and paste it, and nobody likes to re-type sixteen words.)
Mac Instructions: (TBD)
3. Information Security will collate the keys and
print enough copies of the list of names/fingerprints so that once everyone
shows up, each person can get a handout.
4. Come to the keysigning party on the appointed
date. Bring your PennCard to identify yourself, and bring along a printed
(or otherwise readable) copy of your public key and your fingerprint.
5. After showing a PennCard to confirm identity,
everyone will read off their fingerprint (using the copy that they brought with
them in step 3, above). Each attendee will verify the fingerprint read
aloud against the one in the handout. Everyone takes the list of names,
signatures and verified fingerprints with them after the meeting (see step 5,
below).
6. Afterwards, Information Security will email
all attendees the keys so they can sign them and mail them back to security@isc.upenn.edu. (Be sure to
verify each key with the fingerprints from the list you got in step 4 above
at the meeting.)
7. Once we receive the signed keys, we'll redistribute
them back to the owners & attendees in email.
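
The check in step 6, sketched as an added example that is not part of the original procedure: before signing, recompute each emailed key's fingerprint and compare it with the entry verified at the party. It assumes version 4 OpenPGP keys, whose fingerprint RFC 4880 defines as SHA-1 over the public-key packet (older RSA keys use a different, MD5-based fingerprint); the function names, toy key numbers and handout entries are constructed for illustration.

```python
import hashlib
import struct

def mpi(n):
    """OpenPGP multiprecision integer: 2-byte bit count, then big-endian bytes."""
    return struct.pack(">H", n.bit_length()) + n.to_bytes((n.bit_length() + 7) // 8, "big")

def rsa_packet_body(n, e=65537, created=1167609600):
    """Version 4 RSA public-key packet body: version, creation time, algorithm 1, MPIs."""
    return bytes([4]) + struct.pack(">I", created) + bytes([1]) + mpi(n) + mpi(e)

def v4_fingerprint(body):
    """SHA-1 over 0x99, the 2-byte body length, and the body (RFC 4880, section 12.2)."""
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).hexdigest().upper()

def normalize(fpr):
    """Drop spaces, colons and a leading 0x so differently formatted copies compare equal."""
    s = "".join(fpr.split()).replace(":", "").upper()
    return s[2:] if s.startswith("0X") else s

def spaced(fpr):
    """Format a fingerprint in groups of four, as a printed handout might show it."""
    return " ".join(fpr[i:i + 4] for i in range(0, len(fpr), 4))

def keys_safe_to_sign(handout, received):
    """Split emailed keys into those matching a party-verified fingerprint and the rest."""
    ok, rejected = [], []
    for name, body in received.items():
        listed, verified = handout.get(name, ("", False))
        match = verified and normalize(listed) == v4_fingerprint(body)
        (ok if match else rejected).append(name)
    return ok, rejected

# Constructed sample data: toy numbers standing in for RSA moduli, not real keys.
ALICE = rsa_packet_body(0xC5A1F00D7E3B9921)
BOB = rsa_packet_body(0xB0B5EED123456789)
CAROL = rsa_packet_body(0xCA201FEEDFACE771)
SWAPPED = rsa_packet_body(0xBADC0DE987654321)  # substituted in transit for Bob's key

# The handout as marked up at the party; Carol did not attend, so hers is unverified.
HANDOUT = {
    "alice": (spaced(v4_fingerprint(ALICE)), True),
    "bob": (spaced(v4_fingerprint(BOB)), True),
    "carol": (spaced(v4_fingerprint(CAROL)), False),
}
RECEIVED = {"alice": ALICE, "bob": SWAPPED, "carol": CAROL}

if __name__ == "__main__":
    print(keys_safe_to_sign(HANDOUT, RECEIVED))
```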
Please remember to send your public keys and fingerprints
to security two working days before the key signing party.
Information Security PGP keys are available at:
http://www.upenn.edu/computing/security/pgpkey.php
Last updated: Wednesday, January 3, 2007