 Okay, so what we want to do here is to make a quick tour explanation of what key signing is. I know many of you know it very well. Who is here for the first time taking part of a key signing party? Okay, several people. Okay, you did send... Well, I know we cannot go case by case, but we are starting from the assumption that you got the file from Anibal, the file that he put in his People, There Be an Orc Space, and it's something like... Yeah, it should work now. I'm resetting my outputs once and twice. But surrender. Okay, let's go with your computer. It will be easier. Providing it still works. Yeah. Well, okay. Has one of you not downloaded a file from People, There Be an Orc, slash till the Anibal, slash something, slash ksp.txt? Somebody didn't download it. Okay. People that didn't download it really, really, really, really should think over if they are participating in the key signing or they should wait to properly understand and get the procedures because this is something important for each of us and we need you to already know that the file you have is valid. What we're going to do now is to check if each of you got exactly the same file. The thing is we're not just certifying each other in person. We're not exchanging fingerprints, but we are agreeing on a document that already has a magic number. That magic number is the result of a cryptographic operation done over the whole of it. Yeah, I think so. Yeah, I think that will be the best idea. So people that have their key signing party sheets printed, please start from that side onward. Each one of you reading one digit of the shot. Preferably not new printouts, preferably from the shot that you're calculating on your computer. That you calculated, yeah. So pointed someone in your start. Yeah, top left. Jeremy, okay. Going this way, who is the first one to have? I know, but we can only check those people that do have it. Sven. Okay, next. Okay, keep it coming, keep it coming. C, seven, three, two, one. Okay, so are we reasonably sure that this is the right number? I think I missed one. Okay, the reason for this, and the reason to do it, Mori suggested to do it in a distributed way, is that often if we don't have checked this number ourselves, for example, you are not sure if I did it because I was reading it from a paper. If I did not check this myself, well the file I have may be different from yours, or my signature, my fingerprint on that file may be different from what you all have. So once we have agreed on this, well, you can later grab one of these papers. Please remember to put your name on it, so you remember it's yours and whatnot. And this is meant to make it easier, so you don't have 10 pages of text with you, just one. But this is no replacement for the text you already have, that's where each of the fingerprints are. Now, what are we going to do? We're not going to have a key signing party in the traditional boring long sense. We're not going to start a queue and checking each other's identity. Each one of us will have different criteria on which to sign the key of another person. And the best way to do this is not to just start checking documents, but to do so in, well, to chat a bit, to get to know the person, but because that's the only way the identity will really remain like fixed to our brains. Pogito doesn't trust anybody. I know poor little bird, but well, we have to bear with him as the reason for us to lock him around the world is that he doesn't trust the airline carriers to buy his own plane tickets. Well, in the other session I was telling about some ideas I've been playing with, and I want you to consider at least, although Ashish did an interesting observation to what I suggested, I suggest you consider expiring signatures. Say, I know some of you for a very long time and I know that I will still remember you in a long time, but people that we have not known for so long, well, maybe we should sign for a short amount. Maybe we should sign, create signatures for three years, that's what I suggest, and renew them later on. What Ashish said is that GPG doesn't really allow for that, so we have to really triple check that at some point, but it does allow for expiring signatures. I think we should do it. Well, my computer is not video enabled right now, but maybe you can, there's a GPG option, ask certs, ask cert expires. If you say this to GPG, it will ask you how long do you want a key to be, a key signature to be valid for. I have put this in my, both my GPG.com and my CAF, gnpghomegpg.gov. If you're using CAF, remember to use CAF, remember to use it, to do that as well. Yeah, well, yeah, Vidal is asking what's the point of expiring signatures. The thing is, I will most probably remember your face ten years from now, if I don't see you from now to then, but it's not the case of everybody. And this is the source of the only link to real world identities we have. If you check in your, what you have signed so far, you will probably find many people you don't remember who they are. So you're still asserting their identity today. The problem with your assertion is just because I don't remember their face in ten years, it doesn't invalidate the fact that I went to some effort to validate the relationship between their key material and their real world identity at the time we signed. So while I understand your point about we don't always remember people forever, to me, once I've engaged in sort of the protocol that I require for giving someone a signature on their key, I don't see how time invalidates that. Right, I mean, it's a personal policy. Well, what I showed in my previous talk goes about how I think these maps with reality, with what we have seen in the evolution of our key ring. But again, this is not something we will ever require. This is something I suggest. My point was overlapped with what Bdale just said, but it also includes a suggestion. First of all, in the other session you did say that your interpretation of what a signature means is at this point in time that person controls the key. Even if I remember you in several years, which again I think is likely, it does not mean that I have any evidence that in several years time you control the same key, but in several years time it has not stopped including you did control several years prior. So instead of having a time limited signature or revoking old signatures, I think it makes sense between now and three years from now to teach GPG how at the user's discretion, whether they've been adopted as a policy or not, to ignore old signatures and then we would still not necessarily have to see each other, but I would have to have some way of knowing that in 2019 you control the key at that point, but I would not need to see your ID. Yeah, I mean, this is, yeah, you're completely right. And that's part of what I was talking with Ashish right now. I think Jonathan was wanting to ask. So yeah, there's just the first time I'm like widely floating this idea, and I do expect well, several frictions to appear with it, but I think there's, it's worth exploring. So there is some disagreement about the validity, not the validity that the usefulness of this even within key ring means. DGG's position is a signature is an assertion that at a point in time all of his procedures were complied with in a way that he was happy to sign the key, but DKG from 2011 is different to DKG from 2016, and his policies may have changed and an expiry offers him the opportunity to reassert that his procedures are still being met and he is still happy with the signature on that key, which is a valid viewpoint. I think the thing is that anyone who's looking at doing certificate expiry and wants to do the signature expiry, the tools are terrible. So the risk from my point of view is if people start doing this without committing to being updating their signatures and resigning keys, we will have a web that falls apart because we have all expired signatures. So I personally am not engaging in this at present. I can see some benefit to it if people want to play with it, be aware that unless you make a concerted effort, say you choose a three-year expiry in three years' time, you need to go back and look at your signatures again, or things start to fall apart in unuseful ways. So there is a commitment, a long-term commitment, if you want to engage in this. There is some benefit if you want to be able to say update your key signing policies in the future, but time will tell. And I certainly think that as soon as I made ten years ago, we're still cryptographically strong and therefore still valid as I identified these people and whatever. So it's a choice thing. And it's an awareness of there are some potential benefits, I suppose. Should we repeat the protocol of the key signing process? Yeah. Well, as you suggested earlier, maybe we can exchange signatures here for all to see, for the people who have not to kind of complicate it for me to sign people's keys then. The basics of the protocol are we all agreed on this hash. We all downloaded this text file and calculated the hash in that, can you repeat? Well, yes, as I was going to say, that's what I'm explaining. When you've downloaded that file, you check that your key appeared in it correctly, that the fingerprint of your key was the fingerprint of the key you control. When you want to sign someone's key, you verify that their name matches the person you're talking to. However, you choose to do that. And people have different protocols on this. Some people could document something. Yeah. Each person will have different trust levels. For example, I was about to tell you, well, if we haven't crossed signed yet, you're free to tell me, well, I'm not signing based on this because I don't have my passport on me. Most people trust on their pass on the other person's passport. That's my only ID here in South Africa, as a Mexican. So I can just produce these two documents, which may be sufficient for somebody and not for somebody else. So tell me, are you okay by signing my key based on this? I'm happy to sign your key without seeing those because I've known you for several times. Yeah, I often don't check the identity of people I can already recognize. But, well, it's not bad for each of you to set their own levels of trust. So you verify the person's identity and either using one of these cheat sheets, you note that they say they've checked the fingerprints and they've checked their key's fingerprints. I mean, they've checked the signature of the file, the hash of the file, they've checked their key's fingerprints in the file. And you put another checkbox in a bit that you're happy with their identity. So I check that I could try and use this document's camera. Oh, you see these things? They're very fancy. Wow. Okay, wow. So this copy belongs to Stefano Rivera. I have verified that that hash is the correct hash. I have verified that my key is correctly in there and have you verified that your key? I verified my key is correct. Okay. And you verified the hash in this presentation? Of course I verified the hash just a few minutes ago. Okay. No, I didn't check it at this presentation. I checked it before, but I did check it. I verified the fingerprints, he's verified his ID. At that point, I'm happy to go off and sign his key later, which I have to do offline, unfortunately. Okay, so I will try to get my computer to output video by this thing because I can't sign your key from my home machine. But shall we put that down? Oh, do you want that? Yeah. Yes, I cannot output video but well, I think we're actually five minutes over time now. It's just the end of the day, isn't it? Oh, there's another speaker. So if anyone wants to watch gonna sign a key, it's very exciting. I really, really, this is like one of the best bits of Debian. Oh, okay. Can I make a suggestion that I thought of as a tweak to the long line key signings, but we could probably apply it here somehow, which in the past, it struck me that the problem with the long line key signings is that you can get the signatures from the weakest link in the key signing. So someone that's a complete idiot and doesn't check anything will sign everybody's key. And it would be nice if we raised the bar a bit and made it so that it was something closer to the most paranoid person standards that were applied. So if you have a long line and when you saw someone's ID was total nonsense, you shouted out the number of the person that you weren't going to sign, then the next people would be much more suspicious, much more suspicious of that ID. So if if you see ID, and you have a good reason to be suspicious of it, I think we should collect that information. Because if someone presents me with a dodgy looking UK passport, I will probably spot it. But I won't spot the problem with, I don't know, an Argentinian passport and vice versa. So we have some people that are quite expert at assessing this stuff. If we collected, whenever anybody actually has a good reason to be suspicious, then that might attempt people not to trust that ID after all, even though it looked okay to them over the time. Anybody think that's fair enough? Are you going to hit enter? Yeah, okay. Okay. Sorry.