Keysigning party

From 33C3_Public_Wiki
Jump to: navigation, search
Description We will check each other's identity papers and sign each other's OpenPGP keys. This builds the OpenPGP Web of Trust, and it's also just a nice get-together.
Type Meeting
Kids session No
Keyword(s) security
Tags GnuPG, OpenPGP, Keysigning
Person organizing Digital Brains
Language en - English
en - English
Other sessions...


Starts at 2016/12/28 19:30
Ends at 2016/12/28 22:30
Duration 180 minutes
Location Hall C.2

Important factoids

Our keysigning party will be using the classic informal method, where everybody brings a stack of keyslips (pieces of paper) and exchange them with the other participants.

In an earlier version of this wiki page, this was different, but I got too few signups.

Language, people

I think we'll be able to communicate as long as you speak either English, German, or Dutch. I can't speak German very well, but it would be truly extraordinary if there aren't people who speak both German and English attending this session.

What do you need to do before the party?

You can join us with a stack of keyslips. These can be produced with the tool gpg-key2latex, usually this suffices:

$ gpg-key2latex [YOURKEYID] >keyslips.tex
$ pdflatex keyslips.tex

You simply print out several pages of the PDF that is produced, and cut them up to be individual little paper slips. You'll need one per participant at the party. My keyslips would look like this:

pub  rsa2048/DE500B3E 2009-11-12 [expires: 2017-10-19]             [ESCA]
     Key fingerprint = 8FA9 4E79 AD6A B56E E38C  E5CB AC46 EFE6 DE50 0B3E

uid  Peter Lebbing <>

If you have your legal name and OpenPGP fingerprint on your business cards, those will do as well. And you can produce keyslips any which way you like, the one above is just probably one of the easier methods.

QR codes

The OpenKeyChain project has support for exchanging OpenPGP fingerprints through QR codes on phones rather than through keyslips. This means you can do a keysigning party without any paper! Monkeysign does the same for laptops (or unusually strong people carrying a full desktop with a long extension cord). I don't have any experience with these tools because I sign the keys when I'm back at home behind my desktop, and last I checked, these tools require you to do the signing on-the-spot. When two people both use the QR code method, they can exchange fingerprints. But most of the attendees will probably want a keyslip from you, so they will not be able to sign your key if all you've got is a QR code on your phone!

(If you wish to infer from the previous paragraph that I am not unusually strong, you'd be correct.)

At the party

We'll form a line so everybody meets everybody else one by one. If you are sufficiently convinced by the identification presented by someone, that person will give you their keyslip, which you can stuff in your trouser pocket.

At the end of the party, you store your stack of keyslips somewhere safe and guard it with your very life! :) You will need to keep it safe until the time you will sign all the keys.

Further reading

(I organized the keysigning at the 29C3 as well, btw. I suppose I'm a leap year organizer?)

(This text is copyright 2016 Peter Lebbing under the CC-BY-SA 3.0 licence)