A "how to" guide for in-person validations (IPV).
AKA /nyx/lib/valhelpers/Readme.

1)  Setup.

You first tell me (aburt) you want to help with validation.  I'll create
a file, /nyx/lib/valhelpers/YOURNAME, which you edit to fill in the
blanks (saying when/where/etc.).

Next run "pgp -kg" to get set up with pgp so you can send me notes.
See item (3) for full details on this.
After that, send me the output of "pgp -kxa" so I can read what you send
and send me your revalidation password encrypted using your key so I know
it's really *you*.

2)  How.

When someone comes to visit you for a validation, do this:

	- Take their filled out form (hopefully they brought it with
	  them, but it might behoove you to have a few blanks).
	- Verify they've filled out *everything*.
		* Especially make sure they actually HAVE a usercode
		  already -- I get numerous forms for people who haven't
		  yet created the account by logging in as 'new'.  If
		  they don't have the account yet, don't send me the form
		  until they do. Waste of time.
		* Make sure they put in a revalidation password and that
		  they understand the concept if they haven't filled it in yet.
	- Check their ID.  It's your call, but be on the lookout for fake
	  school IDs, etc.
	- Sign as the notary, write 'IPV' and your username.
	- Send them off, they're done.
	- Send the form to me.
	- Send me e-mail with subject "IPV - username" (their username).
		I'd prefer you send me the message signed with pgp.
	   **>  The easiest way to do this is to run the program "ipv"
		followed by the usernames of who you've validated:
			ipv jsmith qdoe xjones
		it'll run pgp & mail, asking for your pgp password.
		To set up pgp, type "pgp -kg" and do what it says.
		(I suggest 512 or 1024 bits, FYI.)

I'll validate people on the basis of your pgp-signed mail, but I still
want the forms for the file.

3)  Pgp info.

After you run "pgp -kg" to create your own key, do these two things:

	-  Run "pgp -ka /nyx/lib/valhelpers/Readme" (I think this'll
	   work, haven't tested it).  This should add my public key to
	   your "keyring" so you can send me messages.  (Note that it's
	   not necessary for you to encrypt your IPVs with *my* key, since
	   it doesn't matter if anyone else but me reads the mail.  What
	   matters is that nobody but you could have -sent- the mail.)

	-  Run "pgp -kxa", extract your own public key to a file,
	   then mail that file to me.
	   
	-  Send me your revaliation password encrypted using your key and
	   also encrypted with my key to prove that you're really you.  To
	   do this put your reval passwd in a file, run "pgp -esa FILE aburt"
	   and mail me the result.  Delete the FILE of course.

Note that this isn't the 100% perfect use of pgp, but I think it's
certainly no worse than the prior scheme, and given that the paper
form still follows in the mail, it is entirely satisfactory.

My pgp public key is:
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.2

mQCNAivpMNwAAAEEALoY2rMZvq1qYgXnEQRZ3UdLs5SUmjBoZ+vMB00OkRxQtdjf
wUt063dDTAGbWYVOqifAYhCMjD4IfZRJIg2QdcNQrgj4FA5hbBb5KrLWwTaiSGhh
G23ZnQjyzcTJFtqzatkWF8/2of9nZamopjVkVObRRcIB3TXkRwoWBgNjalxFAAUR
tB1BbmRyZXcgQnVydCA8YWJ1cnRAY3MuZHUuZWR1Pg==
=H7Uv
-----END PGP PUBLIC KEY BLOCK-----