BSDCan Keysigning 2006

This keysigning was held at the BSDCan conference in Ottawa on Saturday 13th May 2006.

To participate, please email your fingerprint to keys-bsdcan-at-wil.cx. If you're using GNU Privacy Guard, the easiest way to do this is to send the output from gpg --fingerprint <key-id>.

Key slips

Due to a lack of preparation time, we will NOT be using one of the group keysigning methods such as Sassaman's. Instead, please print out copies of your fingerprint and be ready to hand them out to people at the event. We currently anticipate around 60 people will attend the keysigning, so you probably want to print out at least this many slips.

A typical slip should have your name, your email address and your fingerprint on it. You may also wish to include other information -- many people print their fingerprint on their business cards. For an example, here's the slip I print:

pub   1024D/8E7C03FF 2001-02-17  Matthew Wilcox <willy-at-debian.org>
      Key fingerprint = 38FA A231 A84D E7C5 7248  50CC 2218 C81E 8E7C 03FF
uids  willy-at-eh.org  matthew-at-wil.cx

I fit about 15 of these on a page of A4 or Letter paper, with a few blank lines between each to give me the space to tear it. You can be more creative than this -- just make sure that the fingerprint is easy to read (I recommend a fixed width font).

On the day

You will need:

• A small container (eg bag, file folder, box) to collect other people's fingerprints in.
• Your own key slips (as described above)
• Photo ID (a passport is recommended)
• Some patience (these things are never as efficient as one might hope them to be)

We shall meet after the all conference assembly on Saturday and somehow organise ourselves in a manner that allows each of us to meet each other. Upon meeting a person (if you do not know them personally), you should first examine their ID and compare it to their face. If this satisfies you, accept a keyslip from them, check the name matches the ID and stuff the keyslip into your bag. Then you should reciprocate by showing your ID and offering a keyslip.

Different people have different standards of trust; feel free to augment this procedure with other methods for establishing trust. For example, you may want to make a physical mark on their keyslip so you know it isn't substituted before you get it home. One quite elaborate procedure is used by some Debian developers. A less elaborate procedure might involve signing each UID separately and emailing it encrypted to the email address in the UID.

If you have any questions, please feel free to email me at keys-bsdcan-at-wil.cx and I'll do my best to help you.