SHA2017 Wiki - User contributions [en]

Keysigning-Party

2017-08-02T23:32:30Z

WebSpider:

The Keysigning party at SHA2017 will be a classic Sassaman-Efficient based keysigning party with some SHAdaptions, provided that at least 20 people show up. If not, we'll fall back to exchanging keyslips.

Pre-signups are closed! However, please bring your own keyslip, as we still love to sign your keys. It just won't be that efficient :)

The SHAdaptions mainly consist of:
* Replacing the checksums with a SHA256 one
* Adding badges for easily verifying keys visually, and showing your signing policy
For a complete protocol, please see below at the Protocol section

Additionally, everyone is encouraged to bring keyslips anyway, so people who have not been able to prepare, can sign and have their key signed, but in a less efficient manner.

== What? ==
At a keysigning party, we sign eachothers PGP/GPG keys, to improve the web of trust. Also, please read https://wiki.debian.org/Keysigning

== Pre-registration ==

{| class="wikitable"
|-
! Name !! KeyID (0xlong) !! Sent key to keysigning@sha2017.org
|-
| [[User:WebSpider]] || 0x37A169A51AC33EA2 || Yes
|-
| [[User:Piet0r]] || 0xD43B003FB3684634 || ACK
|-
| [[User:Atluxity]] || 0xA87A3C11E1F73953 || yes
|-
| [[User:-hp197]] || 0xAC082B028971394C || yez
|-
| [[User:sprawl]] || 0x1FDD301FB636D58B 0xAE8DA3E6A86CD3C0 || done
|-
| [[User:malan]] || 0x84e614e61e13dac3 || Not yet
|-
| [[User:LaKoon]] || 0x3280EC393A363153 (RSA) 0x593C2E2F7F98F97D (ECC) || Yes
|-
| [[User:F]] || 0xA7A6F879006DF9EB || Yes
|-
| [[User:DigitalBrains]] || 0xAC46EFE6DE500B3E || Yes
|-
| [[User:B0b]] || 0x5DC466D89EF3884C || Yes
|-
| [[User:g5pw]] || 0xE140E1EEA54EE677 || Yes
|-
| [[User:Xesxen]] || 0x6001AAE97C319893 || Done
|-
| [[User:Andy]] || 0x0CAFC463F721D5BF 0xE9988FAC60C89A41 0xF11D74D8A5F33D1C || Yes
|}

== But I was there too! ==

{| class="wikitable"
|-
! Name !! KeyID (0xlong) !! E-mail (in case of signing trouble)
|-
| [[User:WebSpider]] || 0x37A169A51AC33EA2 || nils@familievogels.nl
|}

== Protocol ==
The SHAdapted Sassaman-Efficient protocol goes as follows:

'''Before The Event'''
# (DONE) All participants email their public key to the keysigning coordinator, diligently reading e-mails addressed to keysigning@sha2017.org
# (DONE) The coordinator compiles all the submitted keys into an event keyring.
# (DONE) The coordinator generates a text file containing a list of all keys and their fingerprints, and calculates the SHA256 checksum of the list.
# (DONE) The coordinator publishes the text file either by emailing it to all participants or making it accessible on a website along with all the checksums.

You may find the keyring, file and checksums at http://familievogels.nl/sha2017-ksp/
(Unfortunately I have had some issues with getting a sha2017.org website up and running, so that's why I'm publishing this late on a random domainname)

# Participants download the text file and calculate the checksums of the list, and check them against the checksums provided by the coordinator. If the checksums match it shows that the participant has an identical and unmodified copy of the key list.
# Participants print out a hard copy of the key list and check the fingerprint of their own key included in the list is correct.

'''At The Event'''
# All participants bring along their own hard copy of the key list which they printed themselves. Participants should only trust the key list they printed themselves from the file with verified checksums. This ensures each participant is working from a list they know has not been tampered with.
# The event organiser reads out the checksums or displays them on a projector for all participants to compare with their own.
# Each participant in turn makes a statement that their fingerprint as included in the list is correct. This can be as simple as saying 'key XXXXX is correct'. There is no need to read the fingerprint aloud: since the lists have been checksummed, the fingerprint that appears on all lists must be the same. Participants put a tick on their copy of the list next to each key that is stated by the owner to be correct, and put a tick in their keysigning-badge.
# Once all participants have stated whether their fingerprint is correct, everyone forms a long line in the same order as their keys appear in the list. The head of the line then folds back on itself and the participants moving back along the line inspect the ID of each participant standing still. The ID requirement is generally 2 forms of government-issued photo ID, but individual participants may enforce their own requirements as appropriate. A second tick is placed next to the list entry for which sufficient ID has been sighted.
# Once all participants have presented their ID, key lists are to be stored away in a safe place by each participant to prevent tampering with the annotated list.

'''After The Event'''
# Participants retrieve the public keys of all keysigning participants either by fetching individual keys from public keyservers or by importing an event keyring if one has been created by the event coordinator.
# Participants work through their annotated key list, checking the fingerprint of each key against the printed list and signing keys that match and are ticked for valid ID and the owner stating the fingerprint is correct.
# Participants either upload each public key they sign to a public keyserver, or email it directly to the key owner. Some key owners prefer not to have keys sent to public keyservers so in general it is courteous to email the key directly to the owner.
# Signatures sent to each participant by other participants are imported into their local keyring.

Keysigning-Party

2017-08-02T23:29:52Z

WebSpider: Compiled list.

The Keysigning party at SHA2017 will be a classic Sassaman-Efficient based keysigning party with some SHAdaptions, provided that at least 20 people show up. If not, we'll fall back to exchanging keyslips.

Pre-signups are closed! However, please bring your own keyslip, as we still love to sign your keys. It just won't be that efficient :)

The SHAdaptions mainly consist of:
* Replacing the checksums with a SHA256 one
* Adding badges for easily verifying keys visually, and showing your signing policy
For a complete protocol, please see below at the Protocol section

Additionally, everyone is encouraged to bring keyslips anyway, so people who have not been able to prepare, can sign and have their key signed, but in a less efficient manner.

== What? ==
At a keysigning party, we sign eachothers PGP/GPG keys, to improve the web of trust. Also, please read https://wiki.debian.org/Keysigning

== Participants ==

{| class="wikitable"
|-
! Name !! KeyID (0xlong) !! Sent key to keysigning@sha2017.org
|-
| [[User:WebSpider]] || 0x37A169A51AC33EA2 || Yes
|-
| [[User:Piet0r]] || 0xD43B003FB3684634 || ACK
|-
| [[User:Atluxity]] || 0xA87A3C11E1F73953 || yes
|-
| [[User:-hp197]] || 0xAC082B028971394C || yez
|-
| [[User:sprawl]] || 0x1FDD301FB636D58B 0xAE8DA3E6A86CD3C0 || done
|-
| [[User:malan]] || 0x84e614e61e13dac3 || Not yet
|-
| [[User:LaKoon]] || 0x3280EC393A363153 (RSA) 0x593C2E2F7F98F97D (ECC) || Yes
|-
| [[User:F]] || 0xA7A6F879006DF9EB || Yes
|-
| [[User:DigitalBrains]] || 0xAC46EFE6DE500B3E || Yes
|-
| [[User:B0b]] || 0x5DC466D89EF3884C || Yes
|-
| [[User:g5pw]] || 0xE140E1EEA54EE677 || Yes
|-
| [[User:Xesxen]] || 0x6001AAE97C319893 || Done
|-
| [[User:Andy]] || 0x0CAFC463F721D5BF 0xE9988FAC60C89A41 0xF11D74D8A5F33D1C || Yes
|-
| You || 0x1234567890abcdef || ?
|-
| Him || 0xabcdef0123456789 || ?
|}

== Protocol ==
The SHAdapted Sassaman-Efficient protocol goes as follows:

'''Before The Event'''
# (DONE) All participants email their public key to the keysigning coordinator, diligently reading e-mails addressed to keysigning@sha2017.org
# (DONE) The coordinator compiles all the submitted keys into an event keyring.
# (DONE) The coordinator generates a text file containing a list of all keys and their fingerprints, and calculates the SHA256 checksum of the list.
# (DONE) The coordinator publishes the text file either by emailing it to all participants or making it accessible on a website along with all the checksums.

You may find the keyring, file and checksums at http://familievogels.nl/sha2017-ksp/
(Unfortunately I have had some issues with getting a sha2017.org website up and running, so that's why I'm publishing this late on a random domainname.

# Participants download the text file and calculate the checksums of the list, and check them against the checksums provided by the coordinator. If the checksums match it shows that the participant has an identical and unmodified copy of the key list.
# Participants print out a hard copy of the key list and check the fingerprint of their own key included in the list is correct.

'''At The Event'''
# All participants bring along their own hard copy of the key list which they printed themselves. Participants should only trust the key list they printed themselves from the file with verified checksums. This ensures each participant is working from a list they know has not been tampered with.
# The event organiser reads out the checksums or displays them on a projector for all participants to compare with their own.
# Each participant in turn makes a statement that their fingerprint as included in the list is correct. This can be as simple as saying 'key XXXXX is correct'. There is no need to read the fingerprint aloud: since the lists have been checksummed, the fingerprint that appears on all lists must be the same. Participants put a tick on their copy of the list next to each key that is stated by the owner to be correct, and put a tick in their keysigning-badge.
# Once all participants have stated whether their fingerprint is correct, everyone forms a long line in the same order as their keys appear in the list. The head of the line then folds back on itself and the participants moving back along the line inspect the ID of each participant standing still. The ID requirement is generally 2 forms of government-issued photo ID, but individual participants may enforce their own requirements as appropriate. A second tick is placed next to the list entry for which sufficient ID has been sighted.
# Once all participants have presented their ID, key lists are to be stored away in a safe place by each participant to prevent tampering with the annotated list.

'''After The Event'''
# Participants retrieve the public keys of all keysigning participants either by fetching individual keys from public keyservers or by importing an event keyring if one has been created by the event coordinator.
# Participants work through their annotated key list, checking the fingerprint of each key against the printed list and signing keys that match and are ticked for valid ID and the owner stating the fingerprint is correct.
# Participants either upload each public key they sign to a public keyserver, or email it directly to the key owner. Some key owners prefer not to have keys sent to public keyservers so in general it is courteous to email the key directly to the owner.
# Signatures sent to each participant by other participants are imported into their local keyring.

User:WebSpider

2017-07-27T23:50:40Z

WebSpider:

{{User
|Name=WebSpider
|Bringing=A tent. A laptop. A smile. Quite possibly my wife and 2 kids (0,3)
|Village=Village:Family Village
|Arrival=2017/08/02
|BuildupVehicle=Car, Transporter
|Departure=2017/08/08 09:00
|Twitter=pintotheball
}}
Ohai fans.

Keysigning-Party

2017-07-27T23:43:56Z

WebSpider:

The Keysigning party at SHA2017 will be a classic Sassaman-Efficient based keysigning party with some SHAdaptions, provided that at least 20 people show up. If not, we'll fall back to exchanging keyslips.

'''UPDATE: Pre-signup is possible until 1/8/2017 18:00 CEST. If we do not meet roughly 20 participants by then, we will fall back to basic keyslip exchange, because the Sassaman-Efficient dance isn't efficient then.'''

The SHAdaptions mainly consist of:
* Replacing the checksums with a SHA256 one
* Adding badges for easily verifying keys visually, and showing your signing policy
For a complete protocol, please see below at the Protocol section

Additionally, everyone is encouraged to bring keyslips anyway, so people who have not been able to prepare, can sign and have their key signed, but in a less efficient manner.

== What? ==
At a keysigning party, we sign eachothers PGP/GPG keys, to improve the web of trust. Also, please read https://wiki.debian.org/Keysigning

== Participants ==

{| class="wikitable"
|-
! Name !! KeyID (0xlong) !! Sent key to keysigning@sha2017.org
|-
| [[User:WebSpider]] || 0x37A169A51AC33EA2 || Yes
|-
| [[User:Piet0r]] || 0xD43B003FB3684634 || ACK
|-
| [[User:Atluxity]] || 0xA87A3C11E1F73953 || Not yet
|-
| [[User:-hp197]] || 0xAC082B028971394C || yez
|-
| [[User:sprawl]] || 0x1FDD301FB636D58B 0xAE8DA3E6A86CD3C0 || done
|-
| [[User:malan]] || 0x84e614e61e13dac3 || Not yet
|-
| [[User:LaKoon]] || 0x3280EC393A363153 (RSA) 0x593C2E2F7F98F97D (ECC) || Yes
|-
| [[User:F]] || 0xA7A6F879006DF9EB || Yes
|-
| [[User:DigitalBrains]] || 0xAC46EFE6DE500B3E || Yes
|-
| [[User:B0b]] || 0x5DC466D89EF3884C || Yes
|-
| You || 0x1234567890abcdef || ?
|-
| Him || 0xabcdef0123456789 || ?
|}

== Protocol ==
The SHAdapted Sassaman-Efficient protocol goes as follows:

'''Before The Event'''
# All participants email their public key to the keysigning coordinator, diligently reading e-mails addressed to keysigning@sha2017.org
# The coordinator compiles all the submitted keys into an event keyring.
# The coordinator generates a text file containing a list of all keys and their fingerprints, and calculates the SHA256 checksum of the list.
# The coordinator publishes the text file either by emailing it to all participants or making it accessible on a website along with all the checksums.
# Participants download the text file and calculate the checksums of the list, and check them against the checksums provided by the coordinator. If the checksums match it shows that the participant has an identical and unmodified copy of the key list.
# Participants print out a hard copy of the key list and check the fingerprint of their own key included in the list is correct.

'''At The Event'''
# All participants bring along their own hard copy of the key list which they printed themselves. Participants should only trust the key list they printed themselves from the file with verified checksums. This ensures each participant is working from a list they know has not been tampered with.
# The event organiser reads out the checksums or displays them on a projector for all participants to compare with their own.
# Each participant in turn makes a statement that their fingerprint as included in the list is correct. This can be as simple as saying 'key XXXXX is correct'. There is no need to read the fingerprint aloud: since the lists have been checksummed, the fingerprint that appears on all lists must be the same. Participants put a tick on their copy of the list next to each key that is stated by the owner to be correct, and put a tick in their keysigning-badge.
# Once all participants have stated whether their fingerprint is correct, everyone forms a long line in the same order as their keys appear in the list. The head of the line then folds back on itself and the participants moving back along the line inspect the ID of each participant standing still. The ID requirement is generally 2 forms of government-issued photo ID, but individual participants may enforce their own requirements as appropriate. A second tick is placed next to the list entry for which sufficient ID has been sighted.
# Once all participants have presented their ID, key lists are to be stored away in a safe place by each participant to prevent tampering with the annotated list.

'''After The Event'''
# Participants retrieve the public keys of all keysigning participants either by fetching individual keys from public keyservers or by importing an event keyring if one has been created by the event coordinator.
# Participants work through their annotated key list, checking the fingerprint of each key against the printed list and signing keys that match and are ticked for valid ID and the owner stating the fingerprint is correct.
# Participants either upload each public key they sign to a public keyserver, or email it directly to the key owner. Some key owners prefer not to have keys sent to public keyservers so in general it is courteous to email the key directly to the owner.
# Signatures sent to each participant by other participants are imported into their local keyring.

Keysigning-Party

2017-07-27T23:43:42Z

WebSpider:

The Keysigning party at SHA2017 will be a classic Sassaman-Efficient based keysigning party with some SHAdaptions, provided that at least 20 people show up. If not, we'll fall back to exchanging keyslips.

UPDATE: Pre-signup is possible until 1/8/2017 18:00 CEST. If we do not meet roughly 20 participants by then, we will fall back to basic keyslip exchange, because the Sassaman-Efficient dance isn't efficient then.

The SHAdaptions mainly consist of:
* Replacing the checksums with a SHA256 one
* Adding badges for easily verifying keys visually, and showing your signing policy
For a complete protocol, please see below at the Protocol section

Additionally, everyone is encouraged to bring keyslips anyway, so people who have not been able to prepare, can sign and have their key signed, but in a less efficient manner.

== What? ==
At a keysigning party, we sign eachothers PGP/GPG keys, to improve the web of trust. Also, please read https://wiki.debian.org/Keysigning

== Participants ==

{| class="wikitable"
|-
! Name !! KeyID (0xlong) !! Sent key to keysigning@sha2017.org
|-
| [[User:WebSpider]] || 0x37A169A51AC33EA2 || Yes
|-
| [[User:Piet0r]] || 0xD43B003FB3684634 || ACK
|-
| [[User:Atluxity]] || 0xA87A3C11E1F73953 || Not yet
|-
| [[User:-hp197]] || 0xAC082B028971394C || yez
|-
| [[User:sprawl]] || 0x1FDD301FB636D58B 0xAE8DA3E6A86CD3C0 || done
|-
| [[User:malan]] || 0x84e614e61e13dac3 || Not yet
|-
| [[User:LaKoon]] || 0x3280EC393A363153 (RSA) 0x593C2E2F7F98F97D (ECC) || Yes
|-
| [[User:F]] || 0xA7A6F879006DF9EB || Yes
|-
| [[User:DigitalBrains]] || 0xAC46EFE6DE500B3E || Yes
|-
| [[User:B0b]] || 0x5DC466D89EF3884C || Yes
|-
| You || 0x1234567890abcdef || ?
|-
| Him || 0xabcdef0123456789 || ?
|}

== Protocol ==
The SHAdapted Sassaman-Efficient protocol goes as follows:

'''Before The Event'''
# All participants email their public key to the keysigning coordinator, diligently reading e-mails addressed to keysigning@sha2017.org
# The coordinator compiles all the submitted keys into an event keyring.
# The coordinator generates a text file containing a list of all keys and their fingerprints, and calculates the SHA256 checksum of the list.
# The coordinator publishes the text file either by emailing it to all participants or making it accessible on a website along with all the checksums.
# Participants download the text file and calculate the checksums of the list, and check them against the checksums provided by the coordinator. If the checksums match it shows that the participant has an identical and unmodified copy of the key list.
# Participants print out a hard copy of the key list and check the fingerprint of their own key included in the list is correct.

'''At The Event'''
# All participants bring along their own hard copy of the key list which they printed themselves. Participants should only trust the key list they printed themselves from the file with verified checksums. This ensures each participant is working from a list they know has not been tampered with.
# The event organiser reads out the checksums or displays them on a projector for all participants to compare with their own.
# Each participant in turn makes a statement that their fingerprint as included in the list is correct. This can be as simple as saying 'key XXXXX is correct'. There is no need to read the fingerprint aloud: since the lists have been checksummed, the fingerprint that appears on all lists must be the same. Participants put a tick on their copy of the list next to each key that is stated by the owner to be correct, and put a tick in their keysigning-badge.
# Once all participants have stated whether their fingerprint is correct, everyone forms a long line in the same order as their keys appear in the list. The head of the line then folds back on itself and the participants moving back along the line inspect the ID of each participant standing still. The ID requirement is generally 2 forms of government-issued photo ID, but individual participants may enforce their own requirements as appropriate. A second tick is placed next to the list entry for which sufficient ID has been sighted.
# Once all participants have presented their ID, key lists are to be stored away in a safe place by each participant to prevent tampering with the annotated list.

'''After The Event'''
# Participants retrieve the public keys of all keysigning participants either by fetching individual keys from public keyservers or by importing an event keyring if one has been created by the event coordinator.
# Participants work through their annotated key list, checking the fingerprint of each key against the printed list and signing keys that match and are ticked for valid ID and the owner stating the fingerprint is correct.
# Participants either upload each public key they sign to a public keyserver, or email it directly to the key owner. Some key owners prefer not to have keys sent to public keyservers so in general it is courteous to email the key directly to the owner.
# Signatures sent to each participant by other participants are imported into their local keyring.

Keysigning-Party

2017-06-22T12:58:45Z

WebSpider: Add e-mail addy

The Keysigning party at SHA2017 will be a classic Sassaman-Efficient based keysigning party with some SHAdaptions, provided that at least 20 people show up. If not, we'll fall back to exchanging keyslips.

The SHAdaptions mainly consist of:
* Replacing the checksums with a SHA256 one
* Adding badges for easily verifying keys visually, and showing your signing policy
For a complete protocol, please see below at the Protocol section

Additionally, everyone is encouraged to bring keyslips anyway, so people who have not been able to prepare, can sign and have their key signed, but in a less efficient manner.

== What? ==
At a keysigning party, we sign eachothers PGP/GPG keys, to improve the web of trust. Also, please read https://wiki.debian.org/Keysigning

== Participants ==

{| class="wikitable"
|-
! Name !! KeyID (0xlong) !! Sent key to keysigning@sha2017.org
|-
| [[User:WebSpider]] || 0x37A169A51AC33EA2 || Yes
|-
| [[User:Piet0r]] || 0xD43B003FB3684634 || Not yet
|-
| [[User:Atluxity]] || 0xA87A3C11E1F73953 || Not yet
|-
| You || 0x1234567890abcdef || ?
|-
| Him || 0xabcdef0123456789 || ?
|}

== Protocol ==
The SHAdapted Sassaman-Efficient protocol goes as follows:

'''Before The Event'''
# All participants email their public key to the keysigning coordinator, diligently reading e-mails addressed to keysigning@sha2017.org
# The coordinator compiles all the submitted keys into an event keyring.
# The coordinator generates a text file containing a list of all keys and their fingerprints, and calculates the SHA256 checksum of the list.
# The coordinator publishes the text file either by emailing it to all participants or making it accessible on a website along with all the checksums.
# Participants download the text file and calculate the checksums of the list, and check them against the checksums provided by the coordinator. If the checksums match it shows that the participant has an identical and unmodified copy of the key list.
# Participants print out a hard copy of the key list and check the fingerprint of their own key included in the list is correct.

'''At The Event'''
# All participants bring along their own hard copy of the key list which they printed themselves. Participants should only trust the key list they printed themselves from the file with verified checksums. This ensures each participant is working from a list they know has not been tampered with.
# The event organiser reads out the checksums or displays them on a projector for all participants to compare with their own.
# Each participant in turn makes a statement that their fingerprint as included in the list is correct. This can be as simple as saying 'key XXXXX is correct'. There is no need to read the fingerprint aloud: since the lists have been checksummed, the fingerprint that appears on all lists must be the same. Participants put a tick on their copy of the list next to each key that is stated by the owner to be correct, and put a tick in their keysigning-badge.
# Once all participants have stated whether their fingerprint is correct, everyone forms a long line in the same order as their keys appear in the list. The head of the line then folds back on itself and the participants moving back along the line inspect the ID of each participant standing still. The ID requirement is generally 2 forms of government-issued photo ID, but individual participants may enforce their own requirements as appropriate. A second tick is placed next to the list entry for which sufficient ID has been sighted.
# Once all participants have presented their ID, key lists are to be stored away in a safe place by each participant to prevent tampering with the annotated list.

'''After The Event'''
# Participants retrieve the public keys of all keysigning participants either by fetching individual keys from public keyservers or by importing an event keyring if one has been created by the event coordinator.
# Participants work through their annotated key list, checking the fingerprint of each key against the printed list and signing keys that match and are ticked for valid ID and the owner stating the fingerprint is correct.
# Participants either upload each public key they sign to a public keyserver, or email it directly to the key owner. Some key owners prefer not to have keys sent to public keyservers so in general it is courteous to email the key directly to the owner.
# Signatures sent to each participant by other participants are imported into their local keyring.

Keysigning-Party

2017-06-19T22:31:36Z

WebSpider:

The Keysigning party at SHA2017 will be a classic Sassaman-Efficient based keysigning party with some SHAdaptions, provided that at least 20 people show up. If not, we'll fall back to exchanging keyslips.

The SHAdaptions mainly consist of:
* Replacing the checksums with a SHA256 one
* Adding badges for easily verifying keys visually, and showing your signing policy
For a complete protocol, please see below at the Protocol section

Additionally, everyone is encouraged to bring keyslips anyway, so people who have not been able to prepare, can sign and have their key signed, but in a less efficient manner.

== What? ==
At a keysigning party, we sign eachothers PGP/GPG keys, to improve the web of trust. Also, please read https://wiki.debian.org/Keysigning

== Participants ==

{| class="wikitable"
|-
! Name !! KeyID (0xlong) !! Sent key to (TODO: Get @sha2017.org address)
|-
| [[User:WebSpider]] || 0x37A169A51AC33EA2 || Not yet
|-
| You || 0x1234567890abcdef || ?
|-
| Him || 0xabcdef0123456789 || ?
|}

== Protocol ==
The SHAdapted Sassaman-Efficient protocol goes as follows:

'''Before The Event'''
# All participants email their public key to the keysigning coordinator. (TODO: Get an @sha2017.org email address for this)
# The coordinator compiles all the submitted keys into an event keyring.
# The coordinator generates a text file containing a list of all keys and their fingerprints, and calculates the SHA256 checksum of the list.
# The coordinator publishes the text file either by emailing it to all participants or making it accessible on a website along with all the checksums.
# Participants download the text file and calculate the checksums of the list, and check them against the checksums provided by the coordinator. If the checksums match it shows that the participant has an identical and unmodified copy of the key list.
# Participants print out a hard copy of the key list and check the fingerprint of their own key included in the list is correct.

'''At The Event'''
# All participants bring along their own hard copy of the key list which they printed themselves. Participants should only trust the key list they printed themselves from the file with verified checksums. This ensures each participant is working from a list they know has not been tampered with.
# The event organiser reads out the checksums or displays them on a projector for all participants to compare with their own.
# Each participant in turn makes a statement that their fingerprint as included in the list is correct. This can be as simple as saying 'key XXXXX is correct'. There is no need to read the fingerprint aloud: since the lists have been checksummed, the fingerprint that appears on all lists must be the same. Participants put a tick on their copy of the list next to each key that is stated by the owner to be correct, and put a tick in their keysigning-badge.
# Once all participants have stated whether their fingerprint is correct, everyone forms a long line in the same order as their keys appear in the list. The head of the line then folds back on itself and the participants moving back along the line inspect the ID of each participant standing still. The ID requirement is generally 2 forms of government-issued photo ID, but individual participants may enforce their own requirements as appropriate. A second tick is placed next to the list entry for which sufficient ID has been sighted.
# Once all participants have presented their ID, key lists are to be stored away in a safe place by each participant to prevent tampering with the annotated list.

'''After The Event'''
# Participants retrieve the public keys of all keysigning participants either by fetching individual keys from public keyservers or by importing an event keyring if one has been created by the event coordinator.
# Participants work through their annotated key list, checking the fingerprint of each key against the printed list and signing keys that match and are ticked for valid ID and the owner stating the fingerprint is correct.
# Participants either upload each public key they sign to a public keyserver, or email it directly to the key owner. Some key owners prefer not to have keys sent to public keyservers so in general it is courteous to email the key directly to the owner.
# Signatures sent to each participant by other participants are imported into their local keyring.

Keysigning-Party

2017-06-19T22:25:20Z

WebSpider:

The Keysigning party at SHA2017 will be a classic Sassaman-Efficient based keysigning party with some SHAdaptions, provided that at least 20 people show up. If not, we'll fall back to exchanging keyslips.

The SHAdaptions mainly consist of:
* Replacing the checksums with a SHA256 one
* Adding badges for easily verifying keys visually, and showing your signing policy
For a complete protocol, please see below at the Protocol section

Additionally, everyone is encouraged to bring keyslips anyway, so people who have not been able to prepare, can sign and have their key signed, but in a less efficient manner.

== Participants ==

{| class="wikitable"
|-
! Name !! KeyID (0xlong) !! Sent key to (TODO: Get @sha2017.org address)
|-
| [[User:WebSpider]] || 0x37A169A51AC33EA2 || Not yet
|-
| You || 0x1234567890abcdef || ?
|-
| Him || 0xabcdef0123456789 || ?
|}

== Protocol ==
The SHAdapted Sassaman-Efficient protocol goes as follows:

'''Before The Event'''
# All participants email their public key to the keysigning coordinator. (TODO: Get an @sha2017.org email address for this)
# The coordinator compiles all the submitted keys into an event keyring.
# The coordinator generates a text file containing a list of all keys and their fingerprints, and calculates the SHA256 checksum of the list.
# The coordinator publishes the text file either by emailing it to all participants or making it accessible on a website along with all the checksums.
# Participants download the text file and calculate the checksums of the list, and check them against the checksums provided by the coordinator. If the checksums match it shows that the participant has an identical and unmodified copy of the key list.
# Participants print out a hard copy of the key list and check the fingerprint of their own key included in the list is correct.

'''At The Event'''
# All participants bring along their own hard copy of the key list which they printed themselves. Participants should only trust the key list they printed themselves from the file with verified checksums. This ensures each participant is working from a list they know has not been tampered with.
# The event organiser reads out the checksums or displays them on a projector for all participants to compare with their own.
# Each participant in turn makes a statement that their fingerprint as included in the list is correct. This can be as simple as saying 'key XXXXX is correct'. There is no need to read the fingerprint aloud: since the lists have been checksummed, the fingerprint that appears on all lists must be the same. Participants put a tick on their copy of the list next to each key that is stated by the owner to be correct, and put a tick in their keysigning-badge.
# Once all participants have stated whether their fingerprint is correct, everyone forms a long line in the same order as their keys appear in the list. The head of the line then folds back on itself and the participants moving back along the line inspect the ID of each participant standing still. The ID requirement is generally 2 forms of government-issued photo ID, but individual participants may enforce their own requirements as appropriate. A second tick is placed next to the list entry for which sufficient ID has been sighted.
# Once all participants have presented their ID, key lists are to be stored away in a safe place by each participant to prevent tampering with the annotated list.

'''After The Event'''
# Participants retrieve the public keys of all keysigning participants either by fetching individual keys from public keyservers or by importing an event keyring if one has been created by the event coordinator.
# Participants work through their annotated key list, checking the fingerprint of each key against the printed list and signing keys that match and are ticked for valid ID and the owner stating the fingerprint is correct.
# Participants either upload each public key they sign to a public keyserver, or email it directly to the key owner. Some key owners prefer not to have keys sent to public keyservers so in general it is courteous to email the key directly to the owner.
# Signatures sent to each participant by other participants are imported into their local keyring.

Keysigning-Party

2017-06-19T22:22:00Z

WebSpider: /* Participants */

The Keysigning party at SHA2017 will be a classic Sassaman-Efficient based keysigning party with some SHAdaptions, provided that at least 20 people show up. If not, we'll fall back to exchanging keyslips.

The SHAdaptions mainly consist of:
* Replacing the checksums with a SHA256 one
* Adding badges for easily verifying keys visually, and showing your signing policy
For a complete protocol, please see below at the Protocol section

Additionally, everyone is encouraged to bring keyslips anyway, so people who have not been able to prepare, can sign and have their key signed, but in a less efficient manner.

== Participants ==

{| class="wikitable"
|-
! Name !! KeyID (0xlong) !! Sent key to (TODO: Get @sha2017.org address)
|-
| [[User:WebSpider]] || 0x1AC33EA2 || Not yet
|-
| You || 0x1234567890abcdef || ?
|-
| Him || 0xabcdef0123456789 || ?
|}

== Protocol ==
The SHAdapted Sassaman-Efficient protocol goes as follows:

'''Before The Event'''
# All participants email their public key to the keysigning coordinator. (TODO: Get an @sha2017.org email address for this)
# The coordinator compiles all the submitted keys into an event keyring.
# The coordinator generates a text file containing a list of all keys and their fingerprints, and calculates the SHA256 checksum of the list.
# The coordinator publishes the text file either by emailing it to all participants or making it accessible on a website along with all the checksums.
# Participants download the text file and calculate the checksums of the list, and check them against the checksums provided by the coordinator. If the checksums match it shows that the participant has an identical and unmodified copy of the key list.
# Participants print out a hard copy of the key list and check the fingerprint of their own key included in the list is correct.

'''At The Event'''
# All participants bring along their own hard copy of the key list which they printed themselves. Participants should only trust the key list they printed themselves from the file with verified checksums. This ensures each participant is working from a list they know has not been tampered with.
# The event organiser reads out the checksums or displays them on a projector for all participants to compare with their own.
# Each participant in turn makes a statement that their fingerprint as included in the list is correct. This can be as simple as saying 'key XXXXX is correct'. There is no need to read the fingerprint aloud: since the lists have been checksummed, the fingerprint that appears on all lists must be the same. Participants put a tick on their copy of the list next to each key that is stated by the owner to be correct, and put a tick in their keysigning-badge.
# Once all participants have stated whether their fingerprint is correct, everyone forms a long line in the same order as their keys appear in the list. The head of the line then folds back on itself and the participants moving back along the line inspect the ID of each participant standing still. The ID requirement is generally 2 forms of government-issued photo ID, but individual participants may enforce their own requirements as appropriate. A second tick is placed next to the list entry for which sufficient ID has been sighted.
# Once all participants have presented their ID, key lists are to be stored away in a safe place by each participant to prevent tampering with the annotated list.

'''After The Event'''
# Participants retrieve the public keys of all keysigning participants either by fetching individual keys from public keyservers or by importing an event keyring if one has been created by the event coordinator.
# Participants work through their annotated key list, checking the fingerprint of each key against the printed list and signing keys that match and are ticked for valid ID and the owner stating the fingerprint is correct.
# Participants either upload each public key they sign to a public keyserver, or email it directly to the key owner. Some key owners prefer not to have keys sent to public keyservers so in general it is courteous to email the key directly to the owner.
# Signatures sent to each participant by other participants are imported into their local keyring.

Keysigning-Party

2017-06-19T22:21:39Z

WebSpider:

The Keysigning party at SHA2017 will be a classic Sassaman-Efficient based keysigning party with some SHAdaptions, provided that at least 20 people show up. If not, we'll fall back to exchanging keyslips.

The SHAdaptions mainly consist of:
* Replacing the checksums with a SHA256 one
* Adding badges for easily verifying keys visually, and showing your signing policy
For a complete protocol, please see below at the Protocol section

Additionally, everyone is encouraged to bring keyslips anyway, so people who have not been able to prepare, can sign and have their key signed, but in a less efficient manner.

== Participants ==

{| class="wikitable"
|-
! Name !! KeyID (0xlong) !! Sent key to (TODO: Get @sha2017.org address)
|-
| [User:WebSpider] || 0x1AC33EA2 || Not yet
|-
| You || 0x1234567890abcdef || ?
|-
| Him || 0xabcdef0123456789 || ?
|}

== Protocol ==
The SHAdapted Sassaman-Efficient protocol goes as follows:

'''Before The Event'''
# All participants email their public key to the keysigning coordinator. (TODO: Get an @sha2017.org email address for this)
# The coordinator compiles all the submitted keys into an event keyring.
# The coordinator generates a text file containing a list of all keys and their fingerprints, and calculates the SHA256 checksum of the list.
# The coordinator publishes the text file either by emailing it to all participants or making it accessible on a website along with all the checksums.
# Participants download the text file and calculate the checksums of the list, and check them against the checksums provided by the coordinator. If the checksums match it shows that the participant has an identical and unmodified copy of the key list.
# Participants print out a hard copy of the key list and check the fingerprint of their own key included in the list is correct.

'''At The Event'''
# All participants bring along their own hard copy of the key list which they printed themselves. Participants should only trust the key list they printed themselves from the file with verified checksums. This ensures each participant is working from a list they know has not been tampered with.
# The event organiser reads out the checksums or displays them on a projector for all participants to compare with their own.
# Each participant in turn makes a statement that their fingerprint as included in the list is correct. This can be as simple as saying 'key XXXXX is correct'. There is no need to read the fingerprint aloud: since the lists have been checksummed, the fingerprint that appears on all lists must be the same. Participants put a tick on their copy of the list next to each key that is stated by the owner to be correct, and put a tick in their keysigning-badge.
# Once all participants have stated whether their fingerprint is correct, everyone forms a long line in the same order as their keys appear in the list. The head of the line then folds back on itself and the participants moving back along the line inspect the ID of each participant standing still. The ID requirement is generally 2 forms of government-issued photo ID, but individual participants may enforce their own requirements as appropriate. A second tick is placed next to the list entry for which sufficient ID has been sighted.
# Once all participants have presented their ID, key lists are to be stored away in a safe place by each participant to prevent tampering with the annotated list.

'''After The Event'''
# Participants retrieve the public keys of all keysigning participants either by fetching individual keys from public keyservers or by importing an event keyring if one has been created by the event coordinator.
# Participants work through their annotated key list, checking the fingerprint of each key against the printed list and signing keys that match and are ticked for valid ID and the owner stating the fingerprint is correct.
# Participants either upload each public key they sign to a public keyserver, or email it directly to the key owner. Some key owners prefer not to have keys sent to public keyservers so in general it is courteous to email the key directly to the owner.
# Signatures sent to each participant by other participants are imported into their local keyring.

Keysigning-Party

2017-06-19T22:03:20Z

WebSpider:

The Keysigning party at SHA2017 will be a classic Sassaman-Efficient based keysigning party with some SHAdaptions, provided that at least 20 people show up. If not, we'll fall back to exchanging keyslips.
The SHAdaptions mainly consist of:
* Replacing the checksum with a SHA256 one
* Adding badges for easily verifying keys visually, and showing your signing policy

Additionally, everyone is encouraged to bring keyslips anyway, so people who have not been able to prepare, can sign and have their key signed!

The SHAdapted Sassaman-Efficient protocol goes as follows:

'''Before The Event'''
# All participants email their public key to the keysigning coordinator. (TODO: Get an @sha2017.org email address for this)
# The coordinator compiles all the submitted keys into an event keyring.
# The coordinator generates a text file containing a list of all keys and their fingerprints, and calculates the SHA256 checksum of the list.
# The coordinator publishes the text file either by emailing it to all participants or making it accessible on a website along with all the checksums.
# Participants download the text file and calculate the checksums of the list, and check them against the checksums provided by the coordinator. If the checksums match it shows that the participant has an identical and unmodified copy of the key list.
# Participants print out a hard copy of the key list and check the fingerprint of their own key included in the list is correct.

'''At The Event'''
# All participants bring along their own hard copy of the key list which they printed themselves. Participants should only trust the key list they printed themselves from the file with verified checksums. This ensures each participant is working from a list they know has not been tampered with.
# The event organiser reads out the checksums or displays them on a projector for all participants to compare with their own.
# Each participant in turn makes a statement that their fingerprint as included in the list is correct. This can be as simple as saying 'key XXXXX is correct'. There is no need to read the fingerprint aloud: since the lists have been checksummed, the fingerprint that appears on all lists must be the same. Participants put a tick on their copy of the list next to each key that is stated by the owner to be correct, and put a tick in their keysigning-badge.
# Once all participants have stated whether their fingerprint is correct, everyone forms a long line in the same order as their keys appear in the list. The head of the line then folds back on itself and the participants moving back along the line inspect the ID of each participant standing still. The ID requirement is generally 2 forms of government-issued photo ID, but individual participants may enforce their own requirements as appropriate. A second tick is placed next to the list entry for which sufficient ID has been sighted.
# Once all participants have presented their ID, key lists are to be stored away in a safe place by each participant to prevent tampering with the annotated list.

'''After The Event'''
# Participants retrieve the public keys of all keysigning participants either by fetching individual keys from public keyservers or by importing an event keyring if one has been created by the event coordinator.
# Participants work through their annotated key list, checking the fingerprint of each key against the printed list and signing keys that match and are ticked for valid ID and the owner stating the fingerprint is correct.
# Participants either upload each public key they sign to a public keyserver, or email it directly to the key owner. Some key owners prefer not to have keys sent to public keyservers so in general it is courteous to email the key directly to the owner.
# Signatures sent to each participant by other participants are imported into their local keyring.

Keysigning-Party

2017-06-19T21:24:38Z

WebSpider: *

(void)

User:WebSpider

2017-02-04T01:30:38Z

WebSpider: Created page with "Ohai fans."

Ohai fans.