GNOME Keysign - Signing OpenPGP Keys easily and securely
We're having a party with no beer, but fingerprints...
Tobias Mueller served the GNOME Foundation to achieve their goals of creating and distributing great Free Software products as a Director of the GNOME Foundation for many year. Besides being a Free Software and GNOME lover, Tobias is involved in the German security research community around the Chaos Computer Club. Topics of interest include Platform- and System-Security, Cryptography and Security Protocols. And making all of those usable.
No video of the event yet, sorry! Meanwhile...
The Web of Trust is the decentralised PKI in the OpenPGP world. It depends on people participating by signing other people's keys. However, when following best practises, the act of signing a key involves secure transfer of the OpenPGP key which contemporary casual key signing protocols for small groups address by exchanging the fingerprint of the key to be signed. The key will then be downloaded over an untrusted channel and the key obtained needs to be manually verified.
This presentation shows a novel approach to signing keys which makes it easy to sign a person's key. It enables very small groups of people to casually hold very small key signing parties. The key idea is to automatically authenticate the key material before the transfer via a secure audible or visual channel. A Free Software implementation of the protocol will be shown and people are invited to sign their keys :-)
- 2016 June 24 - 17:00
- 1 h
- Roter Salon
- openSUSE Conference 2016
- Technology & Development