This article is from the PGP FAQ, by Jeff Licquia firstname.lastname@example.org with numerous contributions by others.
Though the idea is simple, actually doing it is a bit complex, because
you don't want to compromise other people's private keys or spread
viruses (which is a risk whenever floppies are swapped willy-nilly).
Usually, these parties involve meeting everyone at the party,
verifying their identity and getting key fingerprints from them, and
signing their key at home.
Derek Atkins <email@example.com> has recommended this method:
There are many ways to hold a key-signing session. Many viable
suggestions have been given. And, just to add more signal to this
newsgroup, I will suggest another one which seems to work very well
and also solves the N-squared problem of distributing and signing
keys. Here is the process:
1. You announce the keysinging session, and ask everyone who plans to
come to send you (or some single person who *will* be there) their
public key. The RSVP also allows for a count of the number of
people for step 3.
2. You compile the public keys into a single keyring, run "pgp -kvc"
on that keyring, and save the output to a file.
3. Print out N copies of the "pgp -kvc" file onto hardcopy, and bring
this and the keyring on media to the meeting.
4. At the meeting, distribute the printouts, and provide a site to
retreive the keyring (an ftp site works, or you can make floppy
copies, or whatever -- it doesn't matter).
5. When you are all in the room, each person stands up, and people
vouch for this person (e.g., "Yes, this really is Derek Atkins --
I went to school with him for 6 years, and lived with him for 2").
6. Each person securely obtains their own fingerprint, and after
being vouched for, they then read out their fingerprint out loud
so everyone can verify it on the printout they have.
7. After everyone finishes this protocol, they can go home, obtain
the keyring, run "pgp -kvc" on it themselves, and re-verify the
bits, and sign the keys at their own leisure.
8. To save load on the keyservers, you can optionally send all
signatures to the original person, who can coalate them again into
a single keyring and propagate that single keyring to the
keyservers and to each individual.
This seems to work well -- it worked well at the IETF meeting last
month in Toronto, and I plan to try it at future dates.