[pgcon-announce] PGcon key signing invitation

Greg Sabino Mullane greg at turnstep.com
Fri May 18 18:00:56 BST 2007 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160


Hello everyone

On Wednesday evening, May 23, there will be a keysigning at the very 
end of the Postgres Palaver session. We'll aim to start the keysigning 
around 7:45 or so. I encourage everyone to attend, or at least bring 
your key information to PGcon. Even if you can't attend the keysigning 
party, there's no reason you can't help strengthen the Postgres 
web of trust by signing individual keys of people you bump into at 
PGcon.

* What is PGP?

If you are new to PGP, Wikipedia has a fairly good overview with 
lots of links:

http://en.wikipedia.org/wiki/Public-key_cryptography

The most common PGP application is GnuPG, which may already be installed 
on your computer. If not, it can be found here:

http://www.gnupg.org/

* Why is PGP important?

PGP not only allows for secure (encrypted) communication between two 
or more people, but it also allows things to be digitally signed. This 
email, for example, is signed with my key, which allows other people 
to verify that the email absolutely came from me. More importantly, 
software can be signed as well. Some of the Postgres-related software 
packages are digitally signed, usually by a small file ending in .sig 
or .asc. This cannot be spoofed, and provides a high level of assurance 
that what you are downloading is the exact file that it should be, and 
not (for example) a modified version with a trojan attached.

* What do you need to bring to Ottawa?

All you need is a copy of your PGP fingerprint, and one or more photo IDs. 
Since most of us are coming from out of the country, the ID part should 
be already taken care of. Generally, you print out many copies of your 
fingerprint, and hand those to other people after they verify your identity. 
Writing your fingerprint on the back of your business card is an excellent 
method. The actual key exchange between two people takes less than a minute 
usually.

I've glossed over a few things, but all the information you ever wanted to 
know about PGP and key signing can be found on the web, or feel free to email 
me or catch me at the conference. If I remember to bring it, I'll be the one 
wearing the "Got PGP?" button. :)


- --
Greg Sabino Mullane greg at turnstep.com
PGP Key: 0x14964AC8 200705181257
http://biglumber.com/x/web?pk=2529DF6AB8F79407E94445B4BC9B906714964AC8
-----BEGIN PGP SIGNATURE-----

iD8DBQFGTdtPvJuQZxSWSsgRAxz5AKDN+GNGgBl92vNDnDlIg6SyUDOq1gCginEn
8db4K90eStRB9h0343yTpQs=
=BMxw
-----END PGP SIGNATURE-----

More information about the pgcon-announce mailing list