The whole Engineering Productivity team under Greg is meeting for an offsite in November. It would be great for everyone to sign each others's PGP key. Here's my current thought for procedure:
[x] Lars makes a list of team members and collect everyone's PGP key
[x] If someone doesn't have a PGP, Lars helps them make one
[x] Lars badgers people until he has their key
[x] Lars makes a tarball with all the keys (actually, git repo)
[x] Lars makes a signing sheet with everyone's key info
[x] Before offsite, Lars distributes the keys and signing sheet so everyone has them at the offsite
[x] At offsite, Lars walks the team through the verification process: everyone compares the checksum of their copy of the of the signing sheet to the one I have, and verbally affirms their key info is correct
[x} Lars badgers people afterwards to make sure they sign the keys and email the signatures to key owners