
Keysigning Party Methods

The 'Sassaman-Efficient' Method

The 'Sassaman-Efficient' method is based on a proposal by Len Sassaman to efficiently manage large keysigning events. It is well suited to large groups. There is also a modified version known as the 'Sassaman-Projected' method.

Before The Event

1. All participants email their public key to the keysigning coordinator.
2. The coordinator compiles all the submitted keys into an event keyring.
3. The coordinator generates a text file containing a list of all keys and their fingerprints, and calculates the MD5 and SHA1 checksums of the list.
4. The coordinator publishes the text file either by emailing it to all participants or making it accessible on a website along with the MD5 and SHA1 checksums.
5. Participants download the text file and calculate the MD5 and/or SHA1 checksums of the list, and check them against the checksums provided by the coordinator. If the checksums match it shows that the participant has an identical and unmodified copy of the key list.
6. Participants print out a hard copy of the key list and check that the fingerprint of their own key, as included in the list, is correct.

At The Event

1. All participants bring along their own hard copy of the key list which they printed themselves. Participants should only trust the key list they printed themselves from the file with verified checksums. This ensures each participant is working from a list they know has not been tampered with.
2. The event organiser reads out the checksums or displays them on a projector for all participants to compare with their own.
3. Each participant in turn makes a statement that their fingerprint as included in the list is correct. This can be as simple as saying 'key XXXXX is correct'. There is no need to read the fingerprint aloud: since the lists have been checksummed, the fingerprint that appears on all lists must be the same. Participants put a tick on their copy of the list next to each key that is stated by the owner to be correct.
4. Once all participants have stated whether their fingerprint is correct, everyone forms a long line in the same order as their keys appear in the list. The head of the line then folds back on itself and the participants moving back along the line inspect the ID of each participant standing still. The ID requirement is generally 2 forms of government-issued photo ID, but individual participants may enforce their own requirements as appropriate. A second tick is placed next to the list entry for which sufficient ID has been sighted.
5. Once all participants have presented their ID, key lists are to be stored away in a safe place by each participant to prevent tampering with the annotated list.

After The Event

1. Participants retrieve the public keys of all keysigning participants either by fetching individual keys from public keyservers or by importing an event keyring if one has been created by the event coordinator.
2. Participants work through their annotated key list, checking the fingerprint of each key against the printed list, and sign only the keys whose fingerprint matches and which are ticked both for the owner stating the fingerprint is correct and for valid ID.
3. Participants either upload each public key they sign to a public keyserver, or email it directly to the key owner. Some key owners prefer not to have keys sent to public keyservers so in general it is courteous to email the key directly to the owner.
4. Signatures sent to each participant by other participants are imported into their local keyring.
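
The two machine-checkable steps above (comparing the key list against the coordinator's checksums, and deciding after the event which keys to sign) can be scripted as follows; this is an added example, not part of the original page. It goes slightly beyond the text in accepting any hashlib algorithm name, not only MD5 and SHA1. The 'owner | fingerprint' list layout, the tick labels, the function names and all sample data are assumptions constructed for illustration; the fpr record layout is that of `gpg --with-colons --fingerprint`.

```python
import hashlib

def list_is_unmodified(data: bytes, published: dict) -> bool:
    """Before the event, step 5: each published checksum must match our copy."""
    return bool(published) and all(
        hashlib.new(alg, data).hexdigest() == value.replace(" ", "").lower()
        for alg, value in published.items())

def parse_key_list(text: str) -> dict:
    """Assumed line format: 'owner | fingerprint'. Returns {fingerprint: owner}."""
    keys = {}
    for line in text.splitlines():
        owner, sep, fpr = line.rpartition("|")
        if sep:
            keys["".join(fpr.split()).upper()] = owner.strip()
    return keys

def primary_fingerprints(colon_output: str) -> set:
    """Primary-key fingerprints from `gpg --with-colons --fingerprint` output."""
    found, last = set(), None
    for line in colon_output.splitlines():
        field = line.split(":")
        if field[0] in ("pub", "sub"):
            last = field[0]          # remember whose fpr record comes next
        elif field[0] == "fpr" and last == "pub" and len(field) > 9:
            found.add(field[9].upper())
    return found

def keys_to_sign(listed: dict, ticks: dict, keyring: set) -> list:
    """After the event, step 2: fingerprint matches the list and both ticks present."""
    needed = {"owner_confirmed", "id_sighted"}
    return sorted(f for f in listed if f in keyring and needed <= ticks.get(f, set()))

# Constructed sample data: owners, fingerprints and gpg output are made up.
ALICE, BOB, CAROL, OTHER = "A" * 40, "B" * 40, "C" * 40, "D" * 40
KEY_LIST = (f"Alice Example | {ALICE}\nBob Example | {BOB}\n"
            f"Carol Example | {CAROL}\n").encode()
PUBLISHED = {alg: hashlib.new(alg, KEY_LIST).hexdigest() for alg in ("md5", "sha1")}
FPR = "fpr" + ":" * 9                # fingerprint is field 10 of an fpr record
# The key fetched for Bob carries a fingerprint that is not on the list.
GPG_COLONS = (f"pub:-:2048:1:{ALICE[-16:]}:1262304000:\n{FPR}{ALICE}:\n"
              f"sub:-:2048:1:{'1' * 16}:1262304000:\n{FPR}{'1' * 40}:\n"
              f"pub:-:2048:1:{OTHER[-16:]}:1262304000:\n{FPR}{OTHER}:\n"
              f"pub:-:2048:1:{CAROL[-16:]}:1262304000:\n{FPR}{CAROL}:\n")
# Ticks transcribed from the paper list; Carol's ID was not sighted.
TICKS = {ALICE: {"owner_confirmed", "id_sighted"},
         BOB: {"owner_confirmed", "id_sighted"}, CAROL: {"owner_confirmed"}}

if __name__ == "__main__":
    print(list_is_unmodified(KEY_LIST, PUBLISHED))
    print(keys_to_sign(parse_key_list(KEY_LIST.decode()), TICKS,
                       primary_fingerprints(GPG_COLONS)))
```

With the sample data only Alice's key qualifies: Bob's fetched key does not match the listed fingerprint, and Carol's entry lacks the ID tick.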

Copyright 2004-2009 Jonathan Oxer. Bandwidth donated by Internet Vision Technologies.