Organizing Large Key-Signing Events?
FooBarBaz asks: "I'll probably be organizing a quite large (read ~ 300+ people) PGP/GnuPG-Key-Signing-Event. Everyone suspiciously eyeing each other's ID and reading fingerprints to everyone else is quite out of the question with such numbers. How would you organize something like that and still be able to select 'I have checked very carefully' when GPG asks?"
ID (Score:3, Informative)
Re:ID (Score:5, Insightful)
The odds are that the original questioner (Ask Slashdotter?) is American - only 5% of Americans own passports but, fortunately, most do have driving licenses that have a photograph on them. However, getting hold of a fake driving license is no problem in the US, and while a Texan might have no problem recognising a fake Texas license, s/he'll probably struggle to tell whether the license from Vermont that they've been presented with is the real McCoy.
Utility bills are useful - until you realise that only one, maybe two, of the occupants in the average household will be responsible for paying the bills. Which means you're probably shit out of luck if you live with family, friends or are at college.
Bank statements are also a mixed blessing. In the US, it's not uncommon for older kids (16+) to be issued with a credit card that's on their parents' account. If you're a college student and this is you, then you probably never see a statement, and even if you do it's going to have one of your parents' names on it, not yours.
Bottom line is this: try to be a little bit flexible when asking for identification. Not everyone has the same life, with the same neatly pigeon-holed pieces of paper.
You could confirm many SSNs by looking at their driver's license, but not everyone has an SSN on their driver's license. You could say driver's license number and state, but not everyone has that either. Maybe name, birthdate, and birth city?
This is really the silly part of PGP webs of trust. Each use is going to need something different. Better to sign a certificate stating exactly what identification you have checked. Write up something saying "I have verified that [Person] has a driver's license listing the name [Name]" and another one saying "I have verified that [Person] has a driver's license listing the address [Address]" or whatever else the person wants you to confirm, and sign it.
Re:ID (Score:2)
But anyway, I think the original asker asked how you would organize such an event, because everyone checking each other's IDs would be very time-consuming.
Re:ID (OT) (Score:1)
Hint for the stupid: State ID card = Valid ID. Just like a driver's licence, but you can't use it to drive with. I've got both.
Re:ID (OT) (Score:1)
Remember that Americans take the federal system very seriously. Sometimes this is good, sometimes not. Either way, it's not going to change (unless we repeal the Constitution - and that will not happen. Our officeholders and military are sworn to preserve, protect, and defend the Constitution itself, not the country.)
huh? (Score:1, Redundant)
Someone explain this to me. I haven't used pgp in years and even then, it was just me and 3 buddies.
Is the use of keys so widespread that people need to meet to identify themselves? If 300 people 'know' each other on-line, then why the hell do they need to meet to exchange keys? You'd think you could trust that anonymous person you've been chatting to for 3 years.
Again, I may have blown this out of perspective, but what the hell is this talking about?
Authenticators (Score:1)
I deviated from the topic in my last comment, so here's a proper look into it.
What you could possibly have are Authenticators at the event; when people enter the event their ID and methods of validation can be checked. This way it can be free-for-all signing once inside, as people know they are validated. Of course this brings up a few more questions:
I would think that elected authenticators would be the best idea, elected by the mass to authenticate people's IDs; in that way people would trust the authenticators...to a degree. Also, as for not a full ID, maybe name tags with their authentication level "Full Trustable" or "Semi Trustable" etc...you get the idea.
Re:Authenticators (Score:2)
> the event, when people enter the event their ID
> and methods of validation can be checked.
This is a very, _very_ bad idea. You should never _ever_ sign the key of someone you have not personally authenticated. What you are suggesting is equivalent to telling me that I should sign Wichert's key because I authenticated Scott and signed his key and he authenticated Wichert and signed his key.
Divide your group of 300 into subgroups of such a size that all members of each subgroup can authenticate all the other members of that group in the time available. Then pick one representative from each subgroup and have these meet and authenticate each other. Now you have a complete web of trust for your group with no chain longer than three links.
> Are the authenticators trusted?
Not as substitutes for personal authentication.
> What happens to people without valid id?
If they cannot satisfactorily identify themselves they do not get their keys signed.
Cow market (Score:2, Funny)
Have a group of 10 individuals (changing constantly) do the initial verification of the IDs (passport, etc), then if it passes this test, display the IDs on the wall using a projector, while displaying the live image of the guy/girl in another image on the wall. Now, if anyone does not say "BOOOOOOOO!" I think he has been pretty well verified.
Re:I wouldn't trust a BIG key signing party (Score:1)
In other words, matching handles with real names.
Verify the email addresses as well (Score:3, Informative)
2) Set aside some time for verification. Get a big projector
3) Get people to come up one by one, show their id and verify that their fingerprint is correct
4) Remind everyone to check that the email addresses on the key are actually owned by the person owning the key (use that key to encrypt a message to each address with a unique cookie in. Ask the recipient to send it back to you either unencrypted or encrypted with your key).
The last step is important, since otherwise I can claim to be billg@microsoft.com and you signing my key states that you believe me to be billg@microsoft.com. I can then send mail signed with that key, and people within your web of trust will get a message saying that there's a valid signature and that the sender is believed to be billg@microsoft.com.
It really is important to verify all the information in the key, not just the name of the person.
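The per-address cookie check from step 4 above, as an added example that is not from the original posts: one random cookie is issued per (fingerprint, e-mail) user ID, encrypted to the key by an external gpg call that is assumed and not shown here, and only user IDs whose cookie comes back inside its validity window are reported as safe to sign. The fingerprint value and the `UidChallenges` class are constructed for illustration.

```python
import secrets
import time

# Constructed helper for the step-4 check: one cookie per (key fingerprint,
# e-mail address) user ID.  Encrypting the challenge text to the key is
# assumed to be done outside this code (e.g. gpg --encrypt --recipient FPR).
class UidChallenges:
    def __init__(self, ttl_seconds=7 * 24 * 3600, clock=time.time):
        self.clock = clock                 # injectable for tests
        self.ttl = ttl_seconds
        self.pending = {}                  # cookie -> (fpr, email, issued_at)
        self.verified = set()              # (fpr, email) pairs that answered

    def issue(self, fingerprint, email):
        """Create the plaintext challenge for one user ID of one key."""
        cookie = secrets.token_urlsafe(24)
        self.pending[cookie] = (fingerprint, email, self.clock())
        text = (f"Challenge for key {fingerprint}, user ID <{email}>.\n"
                f"If you can read this, mail the cookie back: {cookie}\n")
        return cookie, text

    def redeem(self, cookie):
        """Process a cookie that came back; returns 'ok' or a rejection."""
        entry = self.pending.pop(cookie, None)   # one-time use, no replay
        if entry is None:
            return "unknown-or-already-used"
        fingerprint, email, issued_at = entry
        if self.clock() - issued_at > self.ttl:
            return "expired"
        self.verified.add((fingerprint, email))
        return "ok"

    def signable_uids(self, fingerprint):
        """E-mail user IDs of this key that proved both decryption and receipt."""
        return {e for (f, e) in self.verified if f == fingerprint}


def demo():
    # Constructed sample: one key with two e-mail user IDs, only one answers,
    # so only that user ID should be signed.  Placeholder fingerprint.
    fpr = "0000 0000 0000 0000 0000  0000 0000 0000 0000 0000"
    ch = UidChallenges()
    c1, _ = ch.issue(fpr, "alice@example.org")
    c2, _ = ch.issue(fpr, "alice@example.net")
    ch.redeem(c1)
    # A second redemption of the same cookie is refused; c2 stays pending.
    return ch.signable_uids(fpr), ch.redeem(c1), c2 in ch.pending
```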
Webs of trust (Score:3, Insightful)
It sounds like you are trying to build a "monolith of trust." Maybe you are having trouble because your idea goes against the grain.
-Peter
Start Here (Score:3, Funny)
here. [cryptnet.net]
But you're right, there ought to be a little bit more granularity in the trust specifications.
[Reminds me of when my brother in law sent me a Power of Attorney so I could act in his behalf for his minor son.
I didn't tell him that I was thereby enabled to do a lot financial transactions on his behalf, sell his house, etc.]
They need a few more questions, like:
Re:Start Here (Score:2)
> after she's had 8 drinks and I rear-ended her new
> car."
Amusing, but I think it is important to emphasize that it's about whether this person is the rightful possessor of the passphrase for that private key, not whether she is a saint or an axe-murderer.
How to run a keysigning party (Score:2)
This is in multiple FAQs, the best of which is the top match on Google for "keysigning party" [cryptnet.net]. Read it. But here's the basic idea.
That's the basic idea. You can also do this as a mob, but for 300 attendees, that may be suboptimal.