GnuPG

Notes on signing-parties

Here is an example based on my participation to the keysigning-party of FOSDEM 2008

After the signing party

• I clean the list ksp-fosdem2008.txt to keep only those I met.
• I extract the fingerprints

cat ksp-fosdem2008-ok.txt |grep fingerprint|sed 's/^.*= //;s/ //g'> ksp-fosdem2008-finger.txt

• I configure caff, the first time it creates a template in ~/.caffrc which was nearly ok, I let only my usual public key, told to encrypt also for that key, activated the default email template, chose agpg as signing gpg program and finally chose a public keyserver:

$CONFIG{'local-user'} = [ qw{7A135F579AD7E3DB} ];
$CONFIG{'also-encrypt-to'} = [ qw{7A135F579AD7E3DB} ];
$CONFIG{'gpg-sign'} = '/usr/bin/agpg';
$CONFIG{'keyserver'} = 'wwwkeys.pgp.net';

• I could not get caff working until I finally copied ~/.gnupg/pubring.gpg and ~/.gnupg/trustdb.gpg to ~/.caff/gnupghome/ then everything worked including import of new keys from the keyserver.
• Signing only:

caff --no-download --no-export-old --no-mail $(cat ksp-fosdem2008-finger.txt)
yes / save (check twice the uids as you could have forgotten to remove it in ksp-fosdem2008-ok.txt)

• Sending emails:

caff --no-download --no-sign --no-export-old $(cat ksp-fosdem2008-finger.txt)