Additional Programming

Sunday, 24 June

FIRST Training

FIRST is offering training courses on Sunday, 24 June. More details and a registration link will be available soon.

Friday-Saturday, June 29-30th

NatCSIRT Meeting 2018

13th Annual Technical Meeting for CSIRTs with National Responsibility

Is your organization responsible for protecting the security of nations, economies, and critical infrastructures? If so, attend NatCSIRT 2018 to discuss with your peers the unique challenges you face every day. You will drive discussions that focus on current issues, tools, and methods relevant to the National CSIRT community. This year's meeting is co-located with the 30th Annual FIRST Conference in Kuala Lumpur. This meeting is by invitation only and more details can be found at

Monday-Friday, June 25-29th

Birds of a Feather (BoFs)

Bird of a Feather Sessions, activities primarily focus on meetings which take place at the conference based on the interest of a number of members. They are not necessarily intended to lead to year round work.

BoF sessions are scheduled to take place during before conference sessions begin (8:30-9:30am) or following the final session of the day. We will have an up-to-date-schedule and bulletin board near the registration desk onsite. Attendees are welcome to request a BoF in advance by emailing or by adding their own BoFs to the bulletin board onsite (rooms are assigned based on first come, first served - and room assignment space is limited. A Schedule of BoFs will be posted once confirmed.

Wednesday, 27 June

PGP Key Signing

Get your PGP Key signed to increase trust!
Wednesday, June 27th from 10:45 to 11:15 (at Registration desk).
Thursday, June 28th(at AGM).

Alexander Jaeger (FIRST)


PGP is one of the foundations of the security community, and to rely on PGP there needs to be trust in the PGP keys. The trust is made by signatures and validation of identity. FIRST facilitates this community effort by hosting PGP Key signing events.

We will have at least two PGP Key signing events - listen to the opening remarks or a remark at registration desk for changes in regards time / date.

In the past we did not sign team keys and we do not plan to change that.

Preparation before the conference

For those who haven’t participated in the past years it will go like to following:

  1. Upload your Public PGP key to the link below
  2. Check if your key is really uploaded (if not let me know early enough via mail, we will print the keys at the morning of the signing party)

Hint: Please do not upload your key an hour before the key signing, as I might be printing out the keyring a few hours earlier.

Upload your public key!

Preparation for the signing party at the conference

  1. Show up at the signing party like usual with a password / ID (most people will not sign without you providing such an ID)
  2. Participate the Signing party
  3. Get a copy of the printed keyring (I will provide n+20 where n is the number of keys on the keyring)
  4. Sign the keys of others by checking their identity
  5. Get your key signed by others by showing your ID / passport to the people

After the signing party / conference

8.1 Sign the keys with your PGP key 8.2 send the signed person the signed key with your signature

  1. Feel good — you increased the PGP web of trust

There is a good documentation about PGP Key signing parties:

Issues with biglumber?

People who wish to participate should email an ASCII extract of their PGP public key to by noon on Monday, June 25, 2018. Please include a subject line of "IETF PGP KEY", and please avoid MIME-encrypting your e-mail. (I will be running the entire mail folder file through PGP, and PGP-keys that are base-64 encoded will get ignored unless I take manual action to fix things. I will try do the manual fixup, but I make no guarantees about catching all of them.)