12 05 | 2012

Signing-party and crypto conference in Paris

Written by Tanguy

Classified in : Homepage, Debian

Statue of Saint Peter holding the heaven's key

Monday 21st during at 18:45, in Paris, there will be a conference organized by Parinux, where I will explain the principles of cryptography and their application in the SSL and PGP systems. This conference will be followed at 20:30 by a signing-party PGP et CAcert.

For the signing-party, I will ask participants to:

  1. generate a key pair if you do not already have one;
  2. send me you public key and register;
  3. print some copies of your key fingerprint;
  4. print the list of participants I will send you;
  5. come with all that stuff and one or two identity documents.

This is a partial translation of the full article I wrote in French, in case foreigners could attend. Sorry for the very late notice…

04 05 | 2012

Signing-party et conférence crypto

Written by Tanguy

Classified in : Homepage, Auto-hébergement, Debian-FR, Libre, April

Statue of Saint Peter holding the heaven's key

Le lundi 21 mai au soir, à Paris, se tiendra une conférence organisée par Parinux, où j'expliquerai les principes de base de la cryptographie et leur application dans les systèmes SSL et PGP. Cette conférence sera suivie par une signing-party PGP et CAcert.

Pour le déroulement de la signing-party, je vous demanderai de :

  1. générer un paire de clefs si vous n'en avez pas déjà une ;
  2. m'envoyer votre clef publique et vous inscrire ;
  3. imprimer quelques exemplaires de votre empreinte de clef ;
  4. imprimer la liste des participants que je vous enverrai ;
  5. venir munis de tout cela ainsi que d'un stylo et d'une ou deux pièce d'identité.

Read more Signing-party et conférence crypto

27 05 | 2011

PGP signatures with trust and verification level

Written by Tanguy

Classified in : Homepage, Debian, To remember

Identity checks and trust

Saint Peter's key, detail from a stone statue

The OpenPGP web of trust is composed of keys linked to each other by two things:

  • identity checks: signing a key means that you verified the link between a key with user IDs, an official identity document with a photograph, and a person with a face;
  • trust: on your public key ring, you manually decide who you trust to correctly check other people's identity.

With these two pieces of information, GnuPG is able to determine whether or not the key of someone you never met can trusted to belong to its alleged owner.


Signing a key is usually a binary action: either you sign it or you do not sign it. Thus your signature on a key will give other people a rough identity check information and no trust information at all.

In fact, the OpenPGP standard does allow to publish precise identity check and trust information on signatures, but unfortunately this is now enabled with GnuPG by default. These features are called certification level and trust signatures.

Read more PGP signatures with trust and verification level

previous page 2 of 2