The debian-private mailing list leak, part 1. Volunteers have complained about Blackmail. Lynchings. Character assassination. Defamation. Cyberbullying. Volunteers who gave many years of their lives are picked out at random for cruel social experiments. The former DPL's girlfriend Molly de Blanc is given volunteers to experiment on for her crazy talks. These volunteers never consented to be used like lab rats. We don't either. debian-private can no longer be a safe space for the cabal. Let these monsters have nowhere to hide. Volunteers are not disposable. We stand with the victims.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Keysigning at Linux congress in Wuerzburg



On May 2, I wrote
> I'll probably be attending the 4th International Linux-Congress in
> Würzburg.  Are there any other Debian developers attending? If so, maybe
> we can organize a small keysigning session.

On May 2, Martin Schulze asked me
> I would appreciate if you would post a list of stuff we should bring with
> us. :-)

On May 5, Bernd Eckenfels commented
> I think we can make that key signing session within the kongress-wide
> signing session (I bet anyone will schedule one).

I've just asked if there'll be an officially scheduled session; I've
received no reply yet. If there isn't, we could probably do it during the
birds of a feather session time at thursday.

As for how it'll work, here's a proposition (mind you, I've never organised
anything like this before, so please comment on possible holes); for
security reasons, it will be "off-line" signing (thus not requiring you to
bring/find a trusted system).

- BEFORE the congress, make sure an up to date version of your public key
  is available in the developer's keyring and the regular PGP servers.
  Make sure that
  - it is self-signed.
  - it includes your debian.org email address if you use that to sign
    packages.
- to the congress, take with you
  - government-issued ID (must have full name and photograph), e.g. 
    passport or driver´s license. [*]
  - a suffient number (10?) of printouts containing
    - your full name or net.identity
    - your preferred email address
    - your PGP key fingerprint with all the userids you use (esp. the
      debian.org one if you use it).
    - your full PGP public key (ASCII-armored).
    - (optionally) your photograph
- at, or after the congress,
  - sign the keys you've verified, and mail them (ASCII-armored) to their
    owner.
  - after receiving the expected signatures, mail you updated key to Igor
    for the developer's keyring, and to the regular PGP servers.

Comments?

Ray
-- 
Obsig: developing a new sig


--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-private-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .