Jump to: navigation, search

OpenPGP Web of Trust/Juno Summit

< OpenPGP Web of Trust
Revision as of 02:00, 8 May 2014 by Fungi (talk | contribs) (Juno Summit Key Signing: Sign-up is now over)

Juno Summit Key Signing

In an effort to build a secure web of trust, some community members will perform an informal exchange of identification and confirm key fingerprints at the OpenStack Juno Design Summit on Wednesday the 14th of May starting at 10:35 AM EDT (14:35 UTC). We've booked room 405 of the the Georgia World Congress Center (one floor up from the Design Summit session rooms) specifically for this, but for convenience may change it to room B301 (the Design Summit room housing the Infra topics that day) as it's closer to where most of the participants will already be and seats more people (this article will be updated with the confirmed location by the end of Friday, May 9).

The sign-up period is now closed and the list of participants' keys has been finalized. If you signed up to participate, please retrieve juno-ksp.txt (it consists of details for 65 participants), confirm your key fingerprint and other details within it are accurate, and verify its checksums according to the md5sum and sha1sum utilities match the following:

1ed74f9bee7eae90246d080bb1f8e842 (MD5)
c2b3f6b7be5fa94c533e3a45ad4401f23356c84d (SHA-1)

If your browser has a tendency to convert line endings to MS-DOS or Macintosh text formats transparently, this will change the checksums so you may instead want to retrieve the tarred and gzip-compressed version and unpack it locally.

Print a copy of the file and the checksums to bring with you to the Summit (also don't forget a pencil or a pen, and one for your friend who will probably forget theirs!) along with one or more forms of photo identification, preferably at least a passport, and make sure the real name on your key corresponds to the name on your passport. If you want additional tips, see the parent article. This activity takes place during the 10:30-11:00 break period so please arrive promptly. We will follow The 'Sassaman-Projected' Method so that we can hopefully get through all participants in the limited time allotted.

A similar message has been posted on the openstack-dev@lists.openstack.org mailing list with the same attachments, signed by RSA key 0x48F9961143495829 (though the pipermail archive mangles the contents and makes it hard to match up the detached signature, so hopefully you're subscribed to that ML already).