Jump to: navigation, search

OpenPGP Web of Trust/Juno Summit

< OpenPGP Web of Trust
Revision as of 22:10, 9 May 2014 by Fungi (talk | contribs) (Juno Summit Key Signing: typo)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Juno Summit Key Signing

In an effort to build a secure web of trust, some community members will perform an informal exchange of identification and confirm key fingerprints at the OpenStack Juno Design Summit on Wednesday the 14th of May starting at 10:35 AM EDT (14:35 UTC) in room B301 of the Georgia World Congress Center (in between Infrastructure topic sessions).

The sign-up period is now closed and the list of participants' keys has been finalized. If you signed up to participate, please retrieve juno-ksp.txt (it consists of details for 65 participants), confirm your key fingerprint and other details within it are accurate, and verify its checksums according to the md5sum and sha1sum utilities match the following:

1ed74f9bee7eae90246d080bb1f8e842 (MD5)
c2b3f6b7be5fa94c533e3a45ad4401f23356c84d (SHA-1)

If your browser has a tendency to convert line endings to MS-DOS or Macintosh text formats transparently, this will change the checksums so you may instead want to retrieve the tarred and gzip-compressed version and unpack it locally.

Print a copy of the file and the checksums to bring with you to the Summit (also don't forget a pencil or a pen, and one for your friend who will probably forget theirs!) along with one or more forms of photo identification, preferably at least a passport, and make sure the real name on your key corresponds to the name on your passport. If you want additional tips, see the parent article. This activity takes place during the 10:30-11:00 break period so please arrive promptly. We will follow The 'Sassaman-Projected' Method so that we can hopefully get through all participants in the limited time allotted.

A similar message has been posted on the openstack-dev@lists.openstack.org mailing list with the same attachments, signed by RSA key 0x48F9961143495829 (though the pipermail archive mangles the contents and makes it hard to match up the detached signature, so hopefully you're subscribed to that ML already).