PGP

From Noisebridge
Revision as of 23:20, 27 January 2013 by Jerkey (Talk | contribs)

Jump to: navigation, search

Here are a list of members/guests that use PGP keys and would be happy to do a signing with you if you find them in the space. Please add yourself to the list if you'd like to do this too. Key signings could happen after our Tuesday meetings.

PGP is an open standard for encrypted and authenticated communications using computers. You can use PGP to make sure your communications and data can't be decoded in-transit across the internet or on disk by anyone except the intended recipient. Another feature of PGP is that messages that you sign with your public key can be mathematically proven to have come from you (because only you possess your private key).

Some people believe that all communications (including email) should be encrypted with PGP, but if you want to send a message to someone with PGP you need their public key. People who use PGP want their public key to be widely known, so they post them online on keyservers. They include the "fingerprint" of their public key (like 1AEF90F4) on their business card and in emails, so you can confirm that the public key you have for them is the right one.

If someone sends a plaintext message to the world, they can paste an authentication signature at the end of the message. A person reading the plaintext message can compare the signature and the plaintext (together) with the public key of the person who claims to have sent the message. If the signature matches their public key then it is proof that only that person could possibly have made that message.

If you want to use PGP, you need software. A web application for this task would defeat the purpose, since you would be trusting a webpage with your private key, so this software has to run on your own computer. The following programs are recommended depending on your operating system:

  • Linux - GPG is The GNU Privacy Guard - [1]
  • MacOS OSX - GPG works on MacOS just like it does on Linux
  • Windows - Gpg4win (GNU Privacy Guard for Windows) is Free Software [2]

Before you can do anything you must create your key pair - a private key for you, and a public key that you share with everyone else. You can also tell people the "fingerprint" of your public key (like 1AEF90F4) on business cards and email so people can be sure they have the right public key for you.

Your private key will be protected by a long

  • rubin110 - 1AEF90F4 - key
  • saizai - D6D408A9 - key
  • Michiexile/DrSyzygy - C07CCCCD - key
  • User:Glen Jarvis - 42CE11B6 - key (could someone help me test?)
  • Rachel - but I have to figure out again how all this shit works, I have a key Somewhere, blah blah
  • jof - 0x8F8CAD3D - Key is on my user page
  • Schoen - 9C7DD150 - key
  • Filip - Need to dig up and dust off, but interested in getting some networking going. Discuss infrastructure? Could we get a six-degrees/small-world thing going via other hackerspaces?
  • Danny - 0xA3FDE45E [3]
  • mrdomino - Need to find some more bits first
  • Tom - 80AF07D3 - Happy to sign keys any time, just catch me on email/IM or in the space.
Personal tools