Gunnar Wolf

Since the keyring-maint team started aggressively pushing for the retirement of short, obsoleted PGP keys two years ago, I started trying to get the keyring to "spew" some interesting data for us. Besides just showing the evolution on the number of keys conforming to our current best-practices, I started looking at the ugly entanglement of our keyring's graphical representation, and started hypothetizing what caused certain patterns to appear in its evolution. I am currently starting to do some aging and vitality analysis on the signatures and the keys themselves.

The work I will be presenting is not likely to be a gamechanger for Debian, but it can be an entertaining way to understand social relationships in our project, and can lead us to understand some important turning points — maybe even forsee and prevent issues from arising at all.

Introduction to good GnuPG and keysigning practices.

Re-verify the continuous keysigning hash, plus a brief introduction to what a Key-Signing Party is and how (and why!) is it being held "continuously" at DebConf16.