{"id":21107,"date":"2019-01-16T13:47:34","date_gmt":"2019-01-16T12:47:34","guid":{"rendered":"https:\/\/www.inovex.de\/blog\/?p=14618"},"modified":"2022-11-24T10:38:17","modified_gmt":"2022-11-24T09:38:17","slug":"openpgp-create-a-new-gnupg-key-2","status":"publish","type":"post","link":"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/","title":{"rendered":"OpenPGP: Web of Trust and Key Signing Parties (Part 2)"},"content":{"rendered":"<p>The second part of the OpenPGP blog series explains the Web of Trust and how to participate in a key signing party to extend it.<!--more--><\/p>\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_79_2 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\"><p class=\"ez-toc-title\" style=\"cursor:inherit\"><\/p>\n<\/div><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/#Public-key-servers\" >Public key servers<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/#Web-of-Trust\" >Web of Trust<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/#Interacting-with-public-key-servers\" >Interacting with public key servers<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/#Upload-your-own-key\" >Upload your own key<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/#Search-for-Keys-on-Public-Key-Servers\" >Search for Keys on Public Key Servers<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/#Receive-a-Key\" >Receive a Key<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/#Refresh-all-keys-in-your-local-keyring\" >Refresh all keys in your local keyring<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/#Key-Signing-Parties\" >Key Signing Parties<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/#Preparations\" >Preparations<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/#Before-the-Party\" >Before the Party<\/a><ul class='ez-toc-list-level-4' ><li class='ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-11\" href=\"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/#Get-the-List-of-Key-Signing-Party-Participants\" >Get the List of Key Signing Party Participants<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-12\" href=\"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/#Check-your-Key-the-UIDs-and-the-Fingerprint-Listed-in-the-File\" >Check your Key, the UIDs and the Fingerprint Listed in the File<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-13\" href=\"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/#Compute-and-Verify-the-Checksum-of-the-File\" >Compute and Verify the Checksum of the File<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-14\" href=\"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/#Print-ksp-example-eventtxt-to-Paper\" >Print ksp-example-event.txt to Paper<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-15\" href=\"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/#Fill-in-the-Computed-Hash-on-the-Printout\" >Fill in the Computed Hash on the Printout<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-16\" href=\"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/#Bring-Printout-Pen-and-Government-Issued-ID-to-the-Event\" >Bring Printout, Pen and Government Issued ID to the Event<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-17\" href=\"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/#Be-on-Time\" >Be on Time!<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-18\" href=\"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/#During-the-party\" >During the party<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-19\" href=\"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/#After-the-Party\" >After the Party<\/a><ul class='ez-toc-list-level-4' ><li class='ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-20\" href=\"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/#Configure-msmtp\" >Configure msmtp<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-21\" href=\"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/#Configure-caff\" >Configure caff<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-22\" href=\"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/#Link-your-gpgconf-file-to-caff\" >Link your gpg.conf file to caff<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-23\" href=\"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/#Sign-key-with-caff\" >Sign key with caff<\/a><\/li><\/ul><\/li><\/ul><\/li><\/ul><\/nav><\/div>\n<h2><span class=\"ez-toc-section\" id=\"Public-key-servers\"><\/span>Public key servers<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Public key servers are used to collect and distribute public keys easily. Basically anyone can upload any key and keys once uploaded cannot be deleted.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Web-of-Trust\"><\/span>Web of Trust<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>An important concept in OpenPGP is the <a href=\"https:\/\/en.wikipedia.org\/wiki\/Web_of_trust\">Web o<\/a><a href=\"https:\/\/en.wikipedia.org\/wiki\/Web_of_trust\" target=\"_blank\" rel=\"noopener\">f Trust<\/a>. It consists of trust relationships between a group of keys. A key signature is used to establish the authenticity of the link between a public key and its owner. In other words: the signature ensures that the name in the user IDs of the key matches the name on the identification of the person presented during the key signing process. You can think of the web of trust as the sum of all links between the group of keys.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Interacting-with-public-key-servers\"><\/span>Interacting with public key servers<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<h3><span class=\"ez-toc-section\" id=\"Upload-your-own-key\"><\/span>Upload your own key<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<pre class=\"toolbar:2 nums:false show-plain-default:true lang:default decode:true\">$ gpg --send-keys 0x5A24FA122E623651\r\n\r\ngpg: sending key 0x5A24FA122E623651 to hkps:\/\/hkps.pool.sks-keyservers.net<\/pre>\n<p>You have to re-upload your key when it has changed (e.g. in case of added\/revoked user IDs, extended expiration dates, added\/revoked subkeys or if you have imported someone else&#8217;s signature).<\/p>\n<p>Do not upload test or demo keys and <strong>never<\/strong> upload someone else&#8217;s key without permission.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Search-for-Keys-on-Public-Key-Servers\"><\/span>Search for Keys on Public Key Servers<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>You can search for long key IDs, user IDs or email addresses on public key servers:<\/p>\n<pre class=\"toolbar:2 nums:false show-plain-default:true lang:default decode:true\">$ gpg --search \"john.doe@example.com\"\r\n\r\ngpg: data source: https:\/\/192.146.137.98:443\r\n\r\n(1)     John Doe &lt;john.doe@example.com&gt;\r\n\r\n          4096 bit RSA key 0x5A24FA122E623651, created: 2019-01-04, expires: 2021-01-03\r\n\r\nKeys 1-1 of 1 for \"john.doe@example.com\".  Enter number(s), N)ext, or Q)uit &gt;<\/pre>\n<h3><span class=\"ez-toc-section\" id=\"Receive-a-Key\"><\/span>Receive a Key<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<pre class=\"toolbar:2 nums:false show-plain-default:true lang:default decode:true\">$ gpg --recv-keys 0x5A24FA122E623651\r\n\r\ngpg: key 0x5A24FA122E623651: public key \"John Doe &lt;john.doe@example.com&gt;\" imported\r\n\r\ngpg: Total number processed: 1\r\n\r\ngpg: imported: 1<\/pre>\n<h3><span class=\"ez-toc-section\" id=\"Refresh-all-keys-in-your-local-keyring\"><\/span>Refresh all keys in your local keyring<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>It is important to update the public keys in your keyring regularly, so you receive extended expiration dates and revocations timely:<\/p>\n<pre class=\"toolbar:2 nums:false show-plain-default:true lang:default decode:true\">$ gpg --refresh-keys\r\n\r\ngpg: key 0x5A24FA122E623651: public key \"John Doe &lt;john.doe@example.com&gt;\" not changed\r\n\r\ngpg: Total number processed: 1\r\n\r\ngpg:              unchanged: 1<\/pre>\n<p>Note: <strong>gpg &#8211;refresh-keys<\/strong> discloses the whole set of keys in your keyring to the key server operators. An alternative is to use <strong>parcimonie<\/strong> (a daemon that fetches one key at a time using the Tor network).<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Key-Signing-Parties\"><\/span>Key Signing Parties<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>A key signing party is a come-together of at least two persons to sign each others&#8216; keys. Key signing parties serve to extend the web of trust.<\/p>\n<p>There are several methods to structure a key signing party. The method described here is based on the <a class=\"external text\" title=\"https:\/\/web.archive.org\/web\/20110724024707\/http:\/\/sion.quickie.net\/keysigning.txt\" href=\"https:\/\/web.archive.org\/web\/20110724024707\/http:\/\/sion.quickie.net\/keysigning.txt\" rel=\"nofollow\">Efficient Group Key Signing Method<\/a> by Len Sassaman and Phil Zimmerman.<\/p>\n<p>In general the key signing party organizer will announce an email address along with a due date, where and until when you have to send in your public key(s). Additionally the organizer will announce a publish date and a download location for the list of participants along with the hash value and the key file containing the public keys of all participants. Alternatively the organizer sends the files by mail to the participants.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Preparations\"><\/span>Preparations<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>To participate, you need to send your key to the organizer. You can either create a new key pair or use an existing one. The process to create a new key is documented in the <a href=\"https:\/\/www.inovex.de\/blog\/openpgp-create-a-new-gnupg-key-1\/\">first part<\/a> of the OpenPGP blog series.<\/p>\n<p>The preparation steps are as follows:<\/p>\n<ul>\n<li>use gpg 2.1.18 or later<\/li>\n<li>revoke all non-reachable or no longer valid user IDs<\/li>\n<li>use a strong primary key (at least 2048 bits RSA key, with SHA512 hashing algorithm) with an expiration date<\/li>\n<li>use your first and last name in user IDs (so it can be matched against your identification)<\/li>\n<li>check your key and fix any problem with your key. You can use <strong>hokey<\/strong> from <a href=\"https:\/\/salsa.debian.org\/clint\/hOpenPGP\"><strong>hopenpgp<\/strong><\/a> tools to check your key:\n<pre class=\"toolbar:2 nums:false show-plain-default:true lang:default decode:true\">$ gpg --export --no-armor 0x5A24FA122E623651 | hokey lint\r\n\r\nhokey (hopenpgp-tools) 0.21.2\r\n\r\nCopyright (C) 2012-2018 Clint Adams\r\n\r\nhokey comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions.\r\n\r\nKey has potential validity: good\r\n\r\nKey has fingerprint: F589 0F08 068C 5251 DEC5 CB91 5A24 FA12 2E62 3651\r\n\r\nChecking to see if key is OpenPGPv4: V4\r\n\r\nChecking to see if key is RSA or DSA (&gt;= 2048-bit): RSA 4096\r\n\r\nChecking user-ID- and user-attribute-related items:\r\n\r\nJohn Doe &lt;john.doe@example.com&gt;:\r\n\r\nSelf-sig hash algorithms: [SHA-512]\r\n\r\nPreferred hash algorithms: [SHA-512, SHA-384, SHA-256, SHA-224]\r\n\r\nKey expiration times: [1y11m29d81000s = Sun Jan 3 12:46:57 UTC 2021]\r\n\r\nKey usage flags: [[certify-keys]]\r\n\r\nChecking subkeys:\r\n\r\none of the subkeys is encryption-capable: True\r\n\r\nfpr: A1CB E880 0CF8 F067 7BE6 CCB7 5027 A7FB 918D F7CE\r\n\r\nversion: v4\r\n\r\ntimestamp: 20190104-155226\r\n\r\nalgo\/size: RSA 3072\r\n\r\nbinding sig hash algorithms: [SHA-512]\r\n\r\nusage flags: [[auth]]\r\n\r\nembedded cross-cert: False\r\n\r\ncross-cert hash algorithms: [SHA-512]\r\n\r\nfpr: 8131 307A 20AC 690D C549 8B36 8726 4AAE EB63 9812\r\n\r\nversion: v4\r\n\r\ntimestamp: 20190104-155201\r\n\r\nalgo\/size: RSA 3072\r\n\r\nbinding sig hash algorithms: [SHA-512]\r\n\r\nusage flags: [[encrypt-storage, encrypt-communications]]\r\n\r\nembedded cross-cert: False\r\n\r\ncross-cert hash algorithms: [SHA-512]\r\n\r\nfpr: 1E32 42BD 012C 59F4 0204 4B97 2C0C C4A1 8423 4A5A\r\n\r\nversion: v4\r\n\r\ntimestamp: 20190104-154732\r\n\r\nalgo\/size: RSA 3072\r\n\r\nbinding sig hash algorithms: [SHA-512]\r\n\r\nusage flags: [[sign-data]]\r\n\r\nembedded cross-cert: True\r\n\r\ncross-cert hash algorithms: [SHA-512]\r\n\r\n<\/pre>\n<p>If some values are marked in red colour you can find instructions on how to fix the issues in the <a href=\"https:\/\/help.riseup.net\/en\/security\/message-security\/openpgp\/best-practices\">OpenPGP Best Practices<\/a>.<\/li>\n<li>update GnuPG to use SHA2 in preference to SHA1.Add the following lines at the end of the gpg.conf file:\n<pre class=\"toolbar:2 nums:false show-plain-default:true lang:default decode:true\">personal-digest-preferences SHA512\r\n\r\ncert-digest-algo SHA512\r\n\r\ndefault-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed<\/pre>\n<\/li>\n<li>upload your key to public key server (recommended, but not required)\n<pre class=\"toolbar:2 nums:false show-plain-default:true lang:default decode:true\"> $ gpg --send-keys 0x0123456789ABCDEF<\/pre>\n<\/li>\n<li>send the ascii armored, cleaned and minimized public key(s) to the organizerYou can export the key with the following command:\n<pre class=\"toolbar:2 nums:false show-plain-default:true lang:default decode:true\">$ gpg --armor --export-options export-clean,export-minimal --export 0x5A24FA122E623651 &gt; 0x5A24FA122E623651.pub.asc<\/pre>\n<\/li>\n<\/ul>\n<h3><span class=\"ez-toc-section\" id=\"Before-the-Party\"><\/span>Before the Party<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<h4><span class=\"ez-toc-section\" id=\"Get-the-List-of-Key-Signing-Party-Participants\"><\/span>Get the List of Key Signing Party Participants<span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p>First you need to get the list of key signing party participants (e.g. ksp-example-event.txt). An example is shown below:<\/p>\n<pre class=\"toolbar:2 nums:false show-plain-default:true lang:default decode:true\">                         Keysigning Party Example Event\r\n\r\n                  Prepared by John Doe (john.doe@example.com)\r\n\r\n                          Fri, 29 Aug 1997 09:14 +0200\r\n\r\n                       List of participants (v1997-08-04)\r\n\r\nHere's what you have to do with this file:\r\n\r\n1. Print this file to paper.\r\n\r\n2. Compute this file's SHA256 checksum: sha256sum ksp-example-event.txt\r\n\r\n3. fill in the hash values on the printout.\r\n\r\n4. Bring the printout, a pen, and a government issued ID to the keysigning\r\n\r\n   (and be on time!).\r\n\r\nFor each participant:\r\n\r\n1. Compare the hash you computed with the other participant.\r\n\r\n2. Ask if the other participant's gpg fingerprint on the hardcopy is correct.\r\n\r\n3. Verify each other's identity by matching user IDs against the government\r\n\r\n   issued ID.\r\n\r\n4. If you are satisfied with the identification, mark on your hardcopy that\r\n\r\n   the other participant's gpg fingerprint is correct and has been identified.\r\n\r\nSHA256 Checksum: ____ ____   ____ ____   ____ ____   ____ ____\r\n\r\n                 ____ ____   ____ ____   ____ ____   ____ ____              [ ]\r\n\r\n_______________________________________________________________________________\r\n\r\n001  [ ] Fingerprint OK        [ ] ID OK\r\n\r\npub   rsa4096\/0x5A24FA122E623651 2019-01-04 [C] [expires: 2021-01-03]\r\n\r\n      Key fingerprint = F589 0F08 068C 5251 DEC5  CB91 5A24 FA12 2E62 3651\r\n\r\nuid                              John Doe &lt;john.doe@example.com&gt;\r\n\r\nsub   rsa3072\/0x2C0CC4A184234A5A 2019-01-04 [S] [expires: 2021-01-03]\r\n\r\nsub   rsa3072\/0x87264AAEEB639812 2019-01-04 [E] [expires: 2021-01-03]\r\n\r\nsub   rsa3072\/0x5027A7FB918DF7CE 2019-01-04 [A] [expires: 2021-01-03]\r\n\r\n002  [ ] Fingerprint OK        [ ] ID OK\r\n\r\n...<\/pre>\n<h4><span class=\"ez-toc-section\" id=\"Check-your-Key-the-UIDs-and-the-Fingerprint-Listed-in-the-File\"><\/span>Check your Key, the UIDs and the Fingerprint Listed in the File<span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p>Check if your keys are present and the UIDs and the fingerprint are listed correctly. If they are not, inform the signing organizer immediately. It is very important that you verify the fingerprints of your keys on the hardcopy at home.<\/p>\n<h4><span class=\"ez-toc-section\" id=\"Compute-and-Verify-the-Checksum-of-the-File\"><\/span>Compute and Verify the Checksum of the File<span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p>Compute the SHA256 hash of ksp-example-event.txt:<\/p>\n<pre class=\"toolbar:2 nums:false show-plain-default:true lang:default decode:true\">$ sha256sum ksp-example-event.txt<\/pre>\n<p>It is very important to compute the hash value before printing at home.<\/p>\n<h4><span class=\"ez-toc-section\" id=\"Print-ksp-example-eventtxt-to-Paper\"><\/span>Print ksp-example-event.txt to Paper<span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p>Please ensure to use a mono space font for the printout. One way to do this is to use <strong>vim<\/strong> (see :help :hardcopy). Or you can use <strong>enscript<\/strong> and <strong>ps2pdf<\/strong> (ghostscript package) to generate a PDF file:<\/p>\n<pre class=\"toolbar:2 nums:false show-plain-default:true lang:default decode:true\">$ enscript --header='$n||$%\/$=' ksp-example-event.txt -o - | ps2pdf - \/tmp\/output.pdf<\/pre>\n<h4><span class=\"ez-toc-section\" id=\"Fill-in-the-Computed-Hash-on-the-Printout\"><\/span>Fill in the Computed Hash on the Printout<span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p>Now fill in the hash value of the file to the fields on the printout:<\/p>\n<pre class=\"toolbar:2 nums:false show-plain-default:true lang:default decode:true\">SHA256 Checksum: ____ ____   ____ ____   ____ ____   ____ ____\r\n\r\n                 ____ ____   ____ ____   ____ ____   ____ ____              [ ]<\/pre>\n<h4><span class=\"ez-toc-section\" id=\"Bring-Printout-Pen-and-Government-Issued-ID-to-the-Event\"><\/span>Bring Printout, Pen and Government Issued ID to the Event<span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p>All you have to bring to the event is the printout, a pen and one form of government issued ID (e.g. Passport or ID card).\u00a0Ensure that the government issued ID is still valid and you can be recognized on the photo.<\/p>\n<h4><span class=\"ez-toc-section\" id=\"Be-on-Time\"><\/span>Be on Time!<span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p>It is important that you are on time for the event as the verification is done simultaneously.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"During-the-party\"><\/span>During the party<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>For each participant you have to follow these steps:<\/p>\n<ol>\n<li>Compare the hash you computed with the other participant.<\/li>\n<li>Ask if the other participant&#8217;s gpg fingerprint on the hardcopy is correct.<\/li>\n<li>Verify each other&#8217;s identity by matching user IDs against the government issued ID<\/li>\n<li>If you are satisfied with the identification, mark on your hardcopy that the other participant&#8217;s gpg fingerprint is correct and has been identified.<\/li>\n<\/ol>\n<pre class=\"toolbar:2 nums:false show-plain-default:true lang:default decode:true\">012 [ ] Fingerprint OK [ ] ID OK<\/pre>\n<p>To speed up the first step, the hash sum is displayed or at least read out loudly by the organizer at the beginning, so each participant can compare it with the one filled out on the printout.<\/p>\n<p>Depending on the number of participants it might be required to line up according to the number next to their key on the list.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"After-the-Party\"><\/span>After the Party<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Try to make sure to sign the keys you verified within 4 weeks after the event. It is recommended to use <strong>caff<\/strong> to sign keys (one of the scripts of <a href=\"https:\/\/salsa.debian.org\/stappers\/pgp-tools\" target=\"_blank\" rel=\"noopener\">pgp-tools<\/a>.<\/p>\n<blockquote><p>caff takes a list of keyids on the command line, fetches them from a keyserver and calls GnuPG so that you can sign it. It then mails each key to all its email addresses &#8211; only including the one UID that we send to in each mail, pruned from all but self sigs and sigs done by you. The mailed key is encrypted with itself as a means to verify that key belongs to the recipient.<\/p><\/blockquote>\n<p>Do not upload the signed public key to a public key server, so the owner of the key can decide what happens with your signature. If you don&#8217;t have an MTA (mail transfer agent) configured on your machine you can configure <strong>caff<\/strong> to use <strong>msmtp<\/strong> for mail transfer.<\/p>\n<h4><span class=\"ez-toc-section\" id=\"Configure-msmtp\"><\/span>Configure msmtp<span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p>Please adjust the from, user, password, host, password and tls_trust_file (if needed) fields:<\/p>\n<p>msmtp config:<\/p>\n<pre class=\"toolbar:2 nums:false show-plain-default:true lang:default decode:true\">$ cat ~\/.msmtprc\r\n\r\ndefaults\r\n\r\nauth on\r\n\r\ntls on\r\n\r\ntls_trust_file \/etc\/ssl\/certs\/ca-certificates.crt\r\n\r\nlogfile ~\/.msmtp.log\r\n\r\naccount default\r\n\r\nhost &lt;smtp-server&gt;\r\n\r\nport 587\r\n\r\nfrom john.doe@example.com\r\n\r\nuser john.doe@example.com\r\n\r\npassword &lt;password&gt;\r\n\r\naccount default : default<\/pre>\n<p>Note: To use msmtp with Google Mail you have to generate an <a href=\"https:\/\/support.google.com\/accounts\/answer\/185833\">app password<\/a>.<\/p>\n<h4><span class=\"ez-toc-section\" id=\"Configure-caff\"><\/span>Configure caff<span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p>Please adjust the owner, email, keyid, local-user and also-encrypt-to fields:<\/p>\n<p>caff config:<\/p>\n<pre class=\"toolbar:2 nums:false show-plain-default:true lang:default decode:true\">$ cat ~\/.caffrc\r\n\r\n# .caffrc -- vim:ft=perl:\r\n\r\n# This file is in perl(1) format - see caff(1) for details.\r\n\r\n$CONFIG{'owner'} = 'John Doe';\r\n\r\n$CONFIG{'email'} = 'john.doe@example.com';\r\n\r\n$CONFIG{'keyid'} = [ qw{long-keyid} ];\r\n\r\n$CONFIG{'local-user'} = [ qw{long-keyid} ];\r\n\r\n$CONFIG{'also-encrypt-to'} = [ qw{long-keyid} ];\r\n\r\n# only needed if you want to use msmtp for mail transfer\r\n\r\n$ENV{'PERL_MAILERS'} = 'sendmail:\/usr\/bin\/msmtp';<\/pre>\n<h4><span class=\"ez-toc-section\" id=\"Link-your-gpgconf-file-to-caff\"><\/span>Link your gpg.conf file to caff<span class=\"ez-toc-section-end\"><\/span><\/h4>\n<pre class=\"toolbar:2 nums:false show-plain-default:true lang:default decode:true\">$ mkdir -p ~\/.caff\/gnupghome\r\n\r\n$ ln -s ..\/..\/.gnupg\/gpg.conf .caff\/gnupghome\/<\/pre>\n<h4><span class=\"ez-toc-section\" id=\"Sign-key-with-caff\"><\/span>Sign key with caff<span class=\"ez-toc-section-end\"><\/span><\/h4>\n<pre class=\"toolbar:2 nums:false show-plain-default:true lang:default decode:true\">$ caff 0x0123456789ABCDE<\/pre>\n<p>Match the fingerprint of each key and the user ID with the ones provided on the printout before signing.<\/p>\n<p>Happy key signing and stay tuned for the next part of the OpenPGP blog series!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The second part of the OpenPGP blog series explains the Web of Trust and how to participate in a key signing party to extend it.<\/p>\n","protected":false},"author":202,"featured_media":15058,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"ep_exclude_from_search":false,"footnotes":""},"tags":[101],"service":[879],"coauthors":[{"id":202,"display_name":"Hannes von Haugwitz","user_nicename":"hhaugwitz"}],"class_list":["post-21107","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","tag-security","service-security"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>OpenPGP: Web of Trust and Key Signing Parties (Part 2) - inovex GmbH<\/title>\n<meta name=\"description\" content=\"The second part of the OpenPGP blog series explains the Web of Trust and how to participate in a key signing party to extend it.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/\" \/>\n<meta property=\"og:locale\" content=\"de_DE\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"OpenPGP: Web of Trust and Key Signing Parties (Part 2) - inovex GmbH\" \/>\n<meta property=\"og:description\" content=\"The second part of the OpenPGP blog series explains the Web of Trust and how to participate in a key signing party to extend it.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/\" \/>\n<meta property=\"og:site_name\" content=\"inovex GmbH\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/inovexde\" \/>\n<meta property=\"article:published_time\" content=\"2019-01-16T12:47:34+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-11-24T09:38:17+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.inovex.de\/wp-content\/uploads\/2019\/01\/openpgp-gnupg-hero.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1920\" \/>\n\t<meta property=\"og:image:height\" content=\"1080\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Hannes von Haugwitz\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/www.inovex.de\/wp-content\/uploads\/2019\/01\/openpgp-gnupg-hero-1024x576.png\" \/>\n<meta name=\"twitter:creator\" content=\"@inovexgmbh\" \/>\n<meta name=\"twitter:site\" content=\"@inovexgmbh\" \/>\n<meta name=\"twitter:label1\" content=\"Verfasst von\" \/>\n\t<meta name=\"twitter:data1\" content=\"Hannes von Haugwitz\" \/>\n\t<meta name=\"twitter:label2\" content=\"Gesch\u00e4tzte Lesezeit\" \/>\n\t<meta name=\"twitter:data2\" content=\"10\u00a0Minuten\" \/>\n\t<meta name=\"twitter:label3\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data3\" content=\"Hannes von Haugwitz\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/\"},\"author\":{\"name\":\"Hannes von Haugwitz\",\"@id\":\"https:\/\/www.inovex.de\/de\/#\/schema\/person\/b23588a2446d4ceb063b70b7c9fef782\"},\"headline\":\"OpenPGP: Web of Trust and Key Signing Parties (Part 2)\",\"datePublished\":\"2019-01-16T12:47:34+00:00\",\"dateModified\":\"2022-11-24T09:38:17+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/\"},\"wordCount\":1266,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.inovex.de\/de\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.inovex.de\/wp-content\/uploads\/2019\/01\/openpgp-gnupg-hero.png\",\"keywords\":[\"Security\"],\"articleSection\":[\"English Content\",\"General\",\"Methods\"],\"inLanguage\":\"de\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/\",\"url\":\"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/\",\"name\":\"OpenPGP: Web of Trust and Key Signing Parties (Part 2) - inovex GmbH\",\"isPartOf\":{\"@id\":\"https:\/\/www.inovex.de\/de\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.inovex.de\/wp-content\/uploads\/2019\/01\/openpgp-gnupg-hero.png\",\"datePublished\":\"2019-01-16T12:47:34+00:00\",\"dateModified\":\"2022-11-24T09:38:17+00:00\",\"description\":\"The second part of the OpenPGP blog series explains the Web of Trust and how to participate in a key signing party to extend it.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/#breadcrumb\"},\"inLanguage\":\"de\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"de\",\"@id\":\"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/#primaryimage\",\"url\":\"https:\/\/www.inovex.de\/wp-content\/uploads\/2019\/01\/openpgp-gnupg-hero.png\",\"contentUrl\":\"https:\/\/www.inovex.de\/wp-content\/uploads\/2019\/01\/openpgp-gnupg-hero.png\",\"width\":1920,\"height\":1080,\"caption\":\"A modern take on the openpgp\/gnupg logo.\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.inovex.de\/de\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"OpenPGP: Web of Trust and Key Signing Parties (Part 2)\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.inovex.de\/de\/#website\",\"url\":\"https:\/\/www.inovex.de\/de\/\",\"name\":\"inovex GmbH\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.inovex.de\/de\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.inovex.de\/de\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"de\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.inovex.de\/de\/#organization\",\"name\":\"inovex GmbH\",\"url\":\"https:\/\/www.inovex.de\/de\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"de\",\"@id\":\"https:\/\/www.inovex.de\/de\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.inovex.de\/wp-content\/uploads\/2021\/03\/inovex-logo-16-9-1.png\",\"contentUrl\":\"https:\/\/www.inovex.de\/wp-content\/uploads\/2021\/03\/inovex-logo-16-9-1.png\",\"width\":1921,\"height\":1081,\"caption\":\"inovex GmbH\"},\"image\":{\"@id\":\"https:\/\/www.inovex.de\/de\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/inovexde\",\"https:\/\/x.com\/inovexgmbh\",\"https:\/\/www.instagram.com\/inovexlife\/\",\"https:\/\/www.linkedin.com\/company\/inovex\",\"https:\/\/www.youtube.com\/channel\/UC7r66GT14hROB_RQsQBAQUQ\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.inovex.de\/de\/#\/schema\/person\/b23588a2446d4ceb063b70b7c9fef782\",\"name\":\"Hannes von Haugwitz\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"de\",\"@id\":\"https:\/\/www.inovex.de\/de\/#\/schema\/person\/image\/1351fbd840b93db5a6b24fa8f7747bb8\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/34eef571f83e0e51f34de66d18bacf07c642d54636f968345e53dedbbabf7921?s=96&d=retro&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/34eef571f83e0e51f34de66d18bacf07c642d54636f968345e53dedbbabf7921?s=96&d=retro&r=g\",\"caption\":\"Hannes von Haugwitz\"},\"url\":\"https:\/\/www.inovex.de\/de\/blog\/author\/hhaugwitz\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"OpenPGP: Web of Trust and Key Signing Parties (Part 2) - inovex GmbH","description":"The second part of the OpenPGP blog series explains the Web of Trust and how to participate in a key signing party to extend it.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/","og_locale":"de_DE","og_type":"article","og_title":"OpenPGP: Web of Trust and Key Signing Parties (Part 2) - inovex GmbH","og_description":"The second part of the OpenPGP blog series explains the Web of Trust and how to participate in a key signing party to extend it.","og_url":"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/","og_site_name":"inovex GmbH","article_publisher":"https:\/\/www.facebook.com\/inovexde","article_published_time":"2019-01-16T12:47:34+00:00","article_modified_time":"2022-11-24T09:38:17+00:00","og_image":[{"width":1920,"height":1080,"url":"https:\/\/www.inovex.de\/wp-content\/uploads\/2019\/01\/openpgp-gnupg-hero.png","type":"image\/png"}],"author":"Hannes von Haugwitz","twitter_card":"summary_large_image","twitter_image":"https:\/\/www.inovex.de\/wp-content\/uploads\/2019\/01\/openpgp-gnupg-hero-1024x576.png","twitter_creator":"@inovexgmbh","twitter_site":"@inovexgmbh","twitter_misc":{"Verfasst von":"Hannes von Haugwitz","Gesch\u00e4tzte Lesezeit":"10\u00a0Minuten","Written by":"Hannes von Haugwitz"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/#article","isPartOf":{"@id":"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/"},"author":{"name":"Hannes von Haugwitz","@id":"https:\/\/www.inovex.de\/de\/#\/schema\/person\/b23588a2446d4ceb063b70b7c9fef782"},"headline":"OpenPGP: Web of Trust and Key Signing Parties (Part 2)","datePublished":"2019-01-16T12:47:34+00:00","dateModified":"2022-11-24T09:38:17+00:00","mainEntityOfPage":{"@id":"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/"},"wordCount":1266,"commentCount":0,"publisher":{"@id":"https:\/\/www.inovex.de\/de\/#organization"},"image":{"@id":"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/#primaryimage"},"thumbnailUrl":"https:\/\/www.inovex.de\/wp-content\/uploads\/2019\/01\/openpgp-gnupg-hero.png","keywords":["Security"],"articleSection":["English Content","General","Methods"],"inLanguage":"de","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/","url":"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/","name":"OpenPGP: Web of Trust and Key Signing Parties (Part 2) - inovex GmbH","isPartOf":{"@id":"https:\/\/www.inovex.de\/de\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/#primaryimage"},"image":{"@id":"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/#primaryimage"},"thumbnailUrl":"https:\/\/www.inovex.de\/wp-content\/uploads\/2019\/01\/openpgp-gnupg-hero.png","datePublished":"2019-01-16T12:47:34+00:00","dateModified":"2022-11-24T09:38:17+00:00","description":"The second part of the OpenPGP blog series explains the Web of Trust and how to participate in a key signing party to extend it.","breadcrumb":{"@id":"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/#breadcrumb"},"inLanguage":"de","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/"]}]},{"@type":"ImageObject","inLanguage":"de","@id":"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/#primaryimage","url":"https:\/\/www.inovex.de\/wp-content\/uploads\/2019\/01\/openpgp-gnupg-hero.png","contentUrl":"https:\/\/www.inovex.de\/wp-content\/uploads\/2019\/01\/openpgp-gnupg-hero.png","width":1920,"height":1080,"caption":"A modern take on the openpgp\/gnupg logo."},{"@type":"BreadcrumbList","@id":"https:\/\/www.inovex.de\/de\/blog\/openpgp-create-a-new-gnupg-key-2\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.inovex.de\/de\/"},{"@type":"ListItem","position":2,"name":"OpenPGP: Web of Trust and Key Signing Parties (Part 2)"}]},{"@type":"WebSite","@id":"https:\/\/www.inovex.de\/de\/#website","url":"https:\/\/www.inovex.de\/de\/","name":"inovex GmbH","description":"","publisher":{"@id":"https:\/\/www.inovex.de\/de\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.inovex.de\/de\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"de"},{"@type":"Organization","@id":"https:\/\/www.inovex.de\/de\/#organization","name":"inovex GmbH","url":"https:\/\/www.inovex.de\/de\/","logo":{"@type":"ImageObject","inLanguage":"de","@id":"https:\/\/www.inovex.de\/de\/#\/schema\/logo\/image\/","url":"https:\/\/www.inovex.de\/wp-content\/uploads\/2021\/03\/inovex-logo-16-9-1.png","contentUrl":"https:\/\/www.inovex.de\/wp-content\/uploads\/2021\/03\/inovex-logo-16-9-1.png","width":1921,"height":1081,"caption":"inovex GmbH"},"image":{"@id":"https:\/\/www.inovex.de\/de\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/inovexde","https:\/\/x.com\/inovexgmbh","https:\/\/www.instagram.com\/inovexlife\/","https:\/\/www.linkedin.com\/company\/inovex","https:\/\/www.youtube.com\/channel\/UC7r66GT14hROB_RQsQBAQUQ"]},{"@type":"Person","@id":"https:\/\/www.inovex.de\/de\/#\/schema\/person\/b23588a2446d4ceb063b70b7c9fef782","name":"Hannes von Haugwitz","image":{"@type":"ImageObject","inLanguage":"de","@id":"https:\/\/www.inovex.de\/de\/#\/schema\/person\/image\/1351fbd840b93db5a6b24fa8f7747bb8","url":"https:\/\/secure.gravatar.com\/avatar\/34eef571f83e0e51f34de66d18bacf07c642d54636f968345e53dedbbabf7921?s=96&d=retro&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/34eef571f83e0e51f34de66d18bacf07c642d54636f968345e53dedbbabf7921?s=96&d=retro&r=g","caption":"Hannes von Haugwitz"},"url":"https:\/\/www.inovex.de\/de\/blog\/author\/hhaugwitz\/"}]}},"_links":{"self":[{"href":"https:\/\/www.inovex.de\/de\/wp-json\/wp\/v2\/posts\/21107","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.inovex.de\/de\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.inovex.de\/de\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.inovex.de\/de\/wp-json\/wp\/v2\/users\/202"}],"replies":[{"embeddable":true,"href":"https:\/\/www.inovex.de\/de\/wp-json\/wp\/v2\/comments?post=21107"}],"version-history":[{"count":1,"href":"https:\/\/www.inovex.de\/de\/wp-json\/wp\/v2\/posts\/21107\/revisions"}],"predecessor-version":[{"id":39557,"href":"https:\/\/www.inovex.de\/de\/wp-json\/wp\/v2\/posts\/21107\/revisions\/39557"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.inovex.de\/de\/wp-json\/wp\/v2\/media\/15058"}],"wp:attachment":[{"href":"https:\/\/www.inovex.de\/de\/wp-json\/wp\/v2\/media?parent=21107"}],"wp:term":[{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.inovex.de\/de\/wp-json\/wp\/v2\/tags?post=21107"},{"taxonomy":"service","embeddable":true,"href":"https:\/\/www.inovex.de\/de\/wp-json\/wp\/v2\/service?post=21107"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.inovex.de\/de\/wp-json\/wp\/v2\/coauthors?post=21107"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}