Excerpts from Thomas Goirand's message of 2013-09-19 23:33:47 -0700: > > Hi, > > Has anyone thought about having a PGP key signing party during the > summit? Guys from the Linux kernel thought it was useless, but after the > hack of kernel.org, they started to understand it was useful, and now > they do have a "web of trust". As a package maintainer, I would very > much like to have a signing event during the next HK summit, and collect > signatures so that I can check the pgp signed tags, which to my very > satisfaction, starts to appear for every package release (not sure if > this comes from the fact I've been annoying everyone about it in this > list, though that's a very good thing).
I have been to two such events and they are extremely beneficial for growing the PGP web of trust. http://www.cryptnet.net/fdp/crypto/keysigning_party/en/keysigning_party.html#overview Given the size of the summit, I suggest the hash based method. _______________________________________________ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev