[SGVLUG] Who wants to be the President... (was Proof of LUGmembership])

Dustin Laurence dustin at dogbert.laurences.net
Wed Mar 29 12:04:57 PST 2006 

On Wed, Mar 29, 2006 at 11:08:00AM -0800, Emerson, Tom wrote:

> (at best, Mike is and I was the "moderator" -- I think David has claimed
> the title of press relations, or at the very least doesn't mind taking
> the point on this...)

Huh.  If we really had to have one, Matti might be the right candidate.
Though he's absent more often these days....

> Newsletter?  We have a newsletter?  That's news to me! :)

Of course we have a news letter.  This month's is "R".

> > could create a LUG PGP key, but it's hard to see how you
> > would verify that the public key is valid.
> 
> Not a bad idea -- we could create said key at next month's meeting (as a
> bit of "show and tell" on how to do pgp keys) and have anyone/everyone
> in attendance sign it with their key (and reciprocally sign theirs as
> well).

Yeah, actually I think that's a good idea, because it creates an example
and gives us a central node in the web of trust all in one go.
Interesting issue, though--how does someone check the credentials of the
SGVLUG key?  It doesn't have gubmint ID.  I guess all those present who
witnessed the key creation can sign in good faith, but what about next
month?

I guess you'd check the credentials of the LUG keymaster (er, but how do
you know they are the keymaster)?  We'd need a "keymaster" then.  More
titles!  But I forget--does the keymaster get to kiss Sigourney Weaver
or is she the keymaster and I'm thinking of the gatekeeper.  (Boy, does
that joke date me.)

You know, we *do* need a gatekeeper.  That would be the person who
maintains the "open the door please" button or otherwise makes sure we
can get into the building.

Maybe we can waive the keymaster/gatekeeper kiss and just go straight to
the scene where Sigourney is floating above the bed. :-)

> ...The fact that the lug's key is signed by so many lends credence
> to it's validity, and anyone signed by that key would be a defacto
> "member".

Oh, sure, it would work fine for us, I was just thinking that it's
meaningless for the LDS.  I could just as easily create a key myself and
claim it's the SGVLUG key, and they'd never know the difference.  It
might even be true if I then offered to be the LUG keymaster after the
fact. :-)

> ...(or I suppose we could make a signed list available as
> appropriate -- probably just by name only as people tend to be skittish
> about easily accessed lists of e-mail addresses...)

GPG will generate a list of keys that have been signed, won't it?
That's the list--key descriptions and fingerprints.

What about getting the LUG webserver a CACert signature while we're at
it?

Dustin

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://www.sgvlug.net/pipermail/sgvlug/attachments/20060329/fb6b6fda/attachment.bin

More information about the SGVLUG mailing list