PGP Key Signing party at FOSDEM, 2018

Posted on 2018年02月07日

Tags: conference, pgp, gpg, FOSDEM, party, perl

Few days ago, I attended FOSDEM. Last time, I attended a free software conference was in 2007. And that also happens to be the first GPG key signing party, I attended. I usually don’t attend conferences, since most of the conferences get their talks uploaded online sooner or later, but key signing party is hard to resist. So, I decided to attend FOSDEM, since they have key signing party too :D.

At my first key signing party we only have 10-15 people who attended the party, and after the physical verification, and email verification, we just have to upload their signed keys to keyserver. But this time, there are ~100 people, so I used caff, which signs a user’s key first, and then emails them with the signed key, asking them to upload it themselves. This has one benefit, in case their email address is not active anymore, they won’t get the copy of the key signed by you, which means that you’re not signing the uid, that doesn’t belong to them anymore.

To make things easier for me, I wrote a Perl script, which will update the key signing participants list by checking off the folks, whom I have physically verified at the conference.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36


#!/usr/bin/env perl

use strict;
use warnings;

my ($ksp_file, @uids) = @ARGV;

if (defined( $ksp_file )) {
        @uids = sort {$a <=> $b} @uids;
        open KSP_FILE, "<$ksp_file" or die "Unable to open file $ksp_file: $!\n";
        my ($uid) = shift(@uids);
        foreach(<KSP_FILE>) {
                chomp($_);
                if( defined($uid) && m/^0*$uid\s+/ ) {
                        $_ =~ s/\[ \]/[x]/g;
                        print "$_\n";
                        $uid = shift(@uids);
                } else {
                        print "$_\n";
                }
                last if (!defined( $uid ) && /^-+$/);
        }
        close KSP_FILE;
} else {
        print STDERR "Usage: $0 key-signing-participants-file list of keys to sign\n";
        print STDERR "\n";
        print STDERR "Generates a list of participants (to be signed) from the existing list of\n";
        print STDERR "stored in key-signing-participants file.\n";
        print STDERR "\n";
        print STDERR "e.g.\n\t$0 ksp.txt 1 4 54 42 >to-be-signed.txt\n";
        print STDERR "\n";
        print STDERR "Outputs to-be-signed.txt with participants number# 1, 4, 54, and 42 checked OK\n";
        print STDERR "for signing from the list provided in ksp.txt.\n";
}

exit 0;