On 4 Jun 2015, at 3:45, John C Klensin wrote:
I also note that "PGP key signing parties" used to be a regular
feature at
almost every IETF meeting. If we were serious about secure
communications
(not just email) within the IETF community, we would reinstitute
those,
review signing criteria and create some guidelines, and make
sure we could
get X.509 certs issued/signed too, if necessary in an IETF or
ISOC tree.
For what it's worth, I am willing to volunteer for this. If there's a
room and a timeslot available, I could do it in Prague, even. I've done
lots of these in the past (although none at the IETF).
I believe I am (still) a CACert assurer of some kind, too, although it
has been long enough since I've done anything with that that I would
need a refresh (both on the procedures and documentation required, and
on current interest CACert) to incorporate that into the mix.
While we're getting ahead of ourselves, if there was an ISOC or IETF CA
that was fed and watered sufficiently well that it was worth using in
some glorious future, incorporating that (them) seems like a lovely idea
too.
Rewinding to reality, perhaps there are other PGP and/or CACert
enthusiasts who would like to join in and talk about at least some level
of PGP fumbling in Prague.
Joe