Organizing Large Key-Signing Events?

FooBarBaz asks: "I'll probably be organizing a quite large (read ~ 300+ people) PGP/GnuPG-Key-Signing-Event. Everyone suspiciously eyeing each others ID and reading fingerprints to everyone else is quite out of the question with such numbers. How would you organize something like that and still be able to select 'I have checked very carefully' when GPG asks?"

ID

[Komarosu]

get all the attendees to bring ID in 3 forms. Utility Bill, Photo ID (passport/driving license), and a Cashcard/Bank statment. These 3 forms of ID will get you pritty much anything in the UK, from loans to mobile phone contracts.

Re:ID

[WIAKywbfatw]

get all the attendees to bring ID in 3 forms. Utility Bill, Photo ID (passport/driving license), and a Cashcard/Bank statment. These 3 forms of ID will get you pritty much anything in the UK, from loans to mobile phone contracts.

The odds are that the original questionner (Ask Slashdotter?) is American - only 5% of Americans own passports but, fortunately, most do have driving licenses that have a photograph on them. However, getting hold of a fake driving license is no problem in the US, and while a Texan might have no problem recognising a fake Texas license, s/he'll probably struggle to tell whether the license from Vermont that they've been presented with is the real mccoy.

Utility bills are useful - until you realise that only one, maybe two, of the occupants in the average household will be responsible for paying the bills. Which means you're probably shit out of luck if you live with family, friends or are at college.

Bank statements are also a mixed blessing. In the US, it's not uncommon for older kids (16+) to be issued with a credit card that's on their parents account. If you're a college student and this is you, then you probably never see a statement, and even if you do it's going to have one of your parents name on it not yours.

Bottom line is this: try to be a little bit flexible when asking for identification. Not everyone has the same life, with the same neatly pigeon-holed pieces of paper.

Re:ID

[Komarosu]

Of course its a mixed bag for other countries, but really it comes down to whats classed as formal ID in that country. Eg: what do you need to signup for a credit card or loans, really if you've got enough ID to get yourself into debt then i guess thats enough to prove who you are. Of course theres the possibly of faking, but if you want to go to the extremes then you start getting security checks (eg: CRB in the UK) and lookups on the electrol register. Where really do you draw the line of how much ID you need?

Re:ID

[MindStalker]

Well in America SSN plus a picture ID is generally the accepted ID, though this guy would need a way to confirm SSNs which I doupt he has.

Re:ID

[anthony_dipierro]

You could confirm many SSNs by looking at their driver's license, but not everyone has an SSN on their driver's license. You could say driver's license number and state, but not everyone has that either. Maybe name, birthdate, and birth city?

This is really the silly part of PGP webs of trust. Each use is going to need something different. Better to sign a certificate stating exactly what identification you have checked. Writeup something saying "I have verified that [Person] has a driver's license listing the name [Name]" and another one saying "I have verified that [Person] has a driver's license listing the address [Address]" or whatever else the person wants you to confirm and sign it.

Re:ID

[gl4ss]

gee. it would be really nice to live in a country where you could not except everyone to have any id.

but anyways, i think the original asker asked that how would you organize such an event, because everyone checking each others id's would be very time taking.

Re:ID (OT)

[Harik]

Some retard said:

It would be even nicer to live in a country where everyone has a universally accepted form of ID (rather than proof of identity being dependent on whether I can pass a driving test/have my own utility bills/have my own credit card/etc).

Hint for the stupid: State ID card = Valid ID. Just like a driver's licence, but you can't use it to drive with. I've got both.

Re:ID (OT)

[demonlapin]

Forget it. National ID's will not pass in the US; the idea is just too unpopular. I can't say that I'm too keen on it myself; there's just something a little too Big Brother about it.

Remember that Americans take the federal system very seriously. Sometimes this is good, sometimes not. Either way, it's not going to change (unless we repeal the Constitution - and that will not happen. Our officeholders and military are sworn to preserve, protect, and defend the Constitution itself, not the country.)

huh?

[penguin_punk]

What the hell is the article talking about?

Someone explain this to me. I haven't used pgp in years and even then, it was just me and 3 buddies.

Is the use of keys so widespread that people need to meet to identify themselves? If 300 people 'know' each other on-line, then why the hell do they need to meet to exchange keys? You'd think you could trust that anonymous person you've been chatting to for 3 years.

Again, I may have blown this out of perspective, but what the hell if this talking about?

Re:huh?

[Anonymous Coward]

Some problems can only be avoided by or are much less of a problem after direct contact: Keys are associated with names, not human beings. To make the latter association, you have to verify that the name belongs to the person. This needs to be done to avoid impersonations ("identity theft"). Man-in-the-middle attacks can only be avoided if some information is exchanged, which is guaranteed to be untampered. Listening in is ok with public key systems, but if someone can present their keys in place of someone elses and you don't notice, the man in the middle can read and modify everything. The only safe way to verify the name-person relation is to meet in person. The PGP web of trust is a mechanism to reduce the amount of work which participants need to put into meeting eachother by delegating trust. It is not meant to avoid this step altogether. Meeting in person may also give you a better idea of the trustworthyness of the other person. You may want to differentiate between trusting the other person's key validity and your trust in the other person's ability to verify and reliably sign other people's keys.

Maybe your event isn't such a good idea afterall.

[Lauritz]

If you can't check, you shouldn't trust. By trying to bypass some of the checks, you bypass your own security and the security of those who trust you.

Authencators

[Komarosu]

I deviated from the topic in my last comment, so heres a proper look into it.

What you could possibly have are Authencators at the event, when people enter the event there ID and methods of validation can be checked. This way it can be free-for-all signing once inside as people know they are validated. Of course this brings up a few more questions:

• Are the authencators trusted?
• What happens to people without valid id?

I would think that elected authencators would be the best idea, elected by the mass to authencate people's IDs, in that way people would trust the authencators...to a degree. Also as for not a full ID, maybe name tags with there authencation level "Full Trustable" or "Semi Trustable" etc...u get the idea

Re:Authencators

[Anonymous Coward]

You're trying to collapse one link in the web of trust for no reason: If every key is signed by the central authenticator all you need to (and should) do is evaluate your trust relation with the authenticator. The software will then figure out how much you trust the keys signed by the authenticator depending on the two trust relations you-authenticator and authenticator-thirdparty.

Re:Authencators

[John Hasler]

> What you could possibly have are Authencators at
> the event, when people enter the event there ID
> and methods of validation can be checked.

This is a very, _very_ bad idea. You should never _ever_ sign the key of someone you have not personally authenticated. What you are suggesting is equivalent to telling me that I should sign Wichert's key because I authenticated Scott and signed his key and he authenticated Wichert and signed his key.

Divide your group of 300 into subgroups of such a size that all members of each subgroup can authenticate all the other members of that group in the time available. Then pick one representative from each subgroup and have these meet and authenticate each other. Now you have a complete web of trust for your group with no chain longer than three links.

> Are the authencators trusted?

Not as substitutes for personal authentication.

> What happens to people without valid id?

If they cannot satisfactorily identify themselves they do not get their keys signed.

Cow market

[jukal]

I'll probably be organizing a quite large (read ~ 300+ people) PGP/GnuPG-Key-Signing-Event. Everyone suspiciously eyeing each others ID and reading fingerprints to everyone else is quite out of the question with such numbers. How would you organize something like that

Have a group of 10 individuals (changing constantly) do the initial verfication of the IDs (passport, etc), then if it passes this test, display the IDs on the wall using a projector, while displaying the live-image of the guy/girl in another image on the wall. Now, if anyone does not say "BOOOOOOOO!" I think he has been pretty well verified.

Re:I wouldn't trust a BIG key signing party

[Yottabyte84]

He also attended hacker convention DefCon 6 in July 1998 with specific instructions from the FBI to "collect PGP encryption keys from conference attendees and try to match people's real names to their keys."

In other words, matching handles with real names.

Verify the email addresses as well

[Fluffy the Cat]

1) Get everyone to mail their fingerprints to the organiser beforehand
2) Set aside some time for verification. Get a big projector
3) Get people to come up one by one, show their id and verify that their fingerprint is correct
4) Remind everyone to check that the email addresses on the key are actually owned by the person owning the key (use that key to encrypt a message to each address with a unique cookie in. Ask the recipient to send it back to you either unencrypted or encrypted with your key).

The last step is important, since otherwise I can claim to be billg@microsoft.com and you signing my key states that you believe me to be billg@microsoft.com. I can then send mail signed with that key, and people within your web of trust will get a message saying that there's a valid signature and that the sender is believed to be billg@microsoft.com.

It really is important to verify all the information in the key, not just the name of the person.

Webs of trust

[pete-classic]

I'm no expert, but I thought that part of the idea was that people sign the keys of people they actually know. This forms an interlocking verification -- a web of trust.

It sounds like you are trying to build a "monolith of trust." Maybe you are having trouble because your idea goes against the grain.

-Peter

Easy

[rweir]

Just get everyone to come along with 50-odd copies of their fingerprint/address/etc. Everyone can wander around, introducing themselves to each other and exchanging fingerprints. Why not combine the practical with the social? Lord knows the type of people who go along to key-signing parties need all the help they can get:)

That's the problem with PGP...

[anthony_dipierro]

Those of you who are too paranoid to not use PGP are the same ones who are too paranoid to have government issued identification.

How it was done at OLS

[irix]

Check out how this was done at years past [linuxsymposium.org] at the Ottawa Linux Symposium.

Start Here

[4of12]

here. [cryptnet.net]

But you're right, there ought to be a little bit more granularity in the trust specfications.

[Reminds me of when my brother in law sent me a Power of Attorney so I could act in his behalf for his minor son.

I didn't tell him that I was thereby enabled to do a lot financial transactions on his behalf, sell his house, etc.]

They need a few more questions, like:

"I'd trust Alice with a loaded gun pointed at me after she's had 8 drinks and I rear-ended her new car."

Re:Start Here

[John Hasler]

> "I'd trust Alice with a loaded gun pointed at me
> after she's had 8 drinks and I rear-ended her new
> car."

Amusing, but I think it is important to emphasize that it's about whether this person is the rightful possessor of the passphrase for that private key, not whether she is a saint or an axe-murderer.

How to run a keysigning party

[Piquan]

This is in multiple FAQs, the best of which is the top match on Google for "keysigning party" [cryptnet.net]. Read it. But here's the basic idea.

1. Pick a keyserver.
2. Have everybody send it their public keys.
3. Make a table of everybody's owner (name and email addr), fingerprint, keysize, and algorithm, along with a checkbox. Make 300 copies.
4. Rent an opaque projector, a screen, a microphone, stand, amp, speakers, and 300 chairs.
5. Have everybody show up with ID, a pencil, a writing surface, a copy of their fingerprint, and a writing surface. No computers needed; this is NOT to be done digitally! (That's a bad idea; see above link for why.)
6. Put a copy of the key sheet on the opaque projector. Call out the first name on the list. Have the key's owner should come up and put their ID on the opaque projector, and attest to the correctness of their own key on the projected list.
7. Each attendee verifies that the ID is okay, the projected key matches what's on their copy, and checks off the ID.
8. Repeat the last two steps 300 times.
9. Attendees go home.
10. Make a keyring for your attendees. Put it somewhere publicly accessible. (This is so not everybody has to repeat this step.)
11. Attendees import the keyring. For each key they checked off, they verify that the key in the keyring matches, and sign it.
12. Attendees upload their signatures to the keyserver.

That's the basic idea. You can also do this as a mob, but for 300 attendees, that may be suboptimal.