 The duplicate 2.1 has been interesting to many of us to state it easily. I am sure I'm not the only person thankful for Ibe and the whole crew to be making this explanation. So thank you very much. Please welcome them. So now we start the presentation. The first part is mine. I explain about Gunno PG 2.1 and the major part is our demonstration to explain the interaction between multiple binaries of Gunno PG. Well, I am a Debian developer since 2005 and I joined Gunno PG development in 2011. So for me, GPG is important to protect my own privacy and Debian is also very important for me to protect my own computing. So I'm glad to be here to talk about GPG. I'd like to say thank you for coming joining this my talk, our talk. And I'd like to say thank you to organizers so that I can now have opportunity to play the demonstration together with my family and the Debian. Yes, so let's start. So here is the contents. There is a misunderstanding that GPG 2.1 is better software. No, it's not. It's for everyone. And everyone relies on Gunno PG somehow and it is very important and then I explain the relationship between Debian and Gunno PG. And I will explain the three different branches of Gunno PG and I briefly explain what's new in 2.1. And the most important thing is our demonstration, the interaction between GPG executables. And GPG 2.1 is not better, better software. Well, it is somehow new but it is more than three years ago when GPG 2.1.0 was released. And unfortunately many people misunderstand it's better or 2.1 is too new and some people avoid using GPG 2.1. So basically today my message is that GPG 2.1 is for everyone. And I have friend GPG, Gunno PG has been evolved and GPG evolves just like Debian evolves. And GPG 2.1 is stable enough but I'm not sure that when I visited here GPG 2.1.23 has been released by Vanakoff. So I'm not sure how 2.1.23 is stable. But I think that this year GPG 2.2 will be available as soon as. So I need to explain how it is important. My point is that Gunno PG, everyone somehow relies on Gunno PG directly or indirectly. Because many servers are running Gunno Linux and in Gunno Linux distro we have an integrity check by Gunno PG. And when Debian developer upload packages it is signed and it is authenticated by Gunno PG. And in this slide I'd like to say congratulations Debian, the release, new release, Stretch. And now we have GPG as 2.1 as a default. And actually during the development of the Stretch release we have many struggles for the migration. So I say thank you Debian for the migration of GPG 2.1. And while Debian community is heavy user of Gunno PG, it is also important from our development of Gunno PG. Debian is very important for Gunno PG 2. Currently we have six Gunno PG developers including me. And we use Debian as an infrastructure. And I also use Debian for my own development. And because of Debian, Gunno PG migration to 2.1 has been going well. Yes, especially I'd like to say thank you to Debian Gunno PG maintainers, DKG and Eric. And all Debian developers because someone had a problem using GPG 2.1 during this release cycle. Thank you. Now package Gunno PG is GPG 2.1. And when you type GPG it means that GPG 2.1. And GPG 1.4 is gone but still it is available as Gunno PG 1 package. The command is available as GPG 1. So one character, one is needed. So you can install both packages Gunno PG and Gunno PG 1 install it. And now in upstream we have three different launches. GPG 1.4 we say classic and GPG 2.0 stable and GPG 2.1 more down. In GPG 1.4 we only had single binary. And its feature is that old format, PGP 2 format supported. And dual in 1.4 and 2.1 we have stable version 2.0 which compose of executable and libraries. And in GPG 2.0 GPG agent had very limited functionality. It is just passphrase cache region it was. And this end of year 2017 December 31 the support will be finished. So country GPG 2.1 is I type it there. We have multiple executable and libraries. And this is a very important point that your private key is under control of the program named GPG agent. And it is like it is high user demon. And it is in stretch it is under the control of system D. So when you log in it is automatically invoked. And we have a program named directly manager. And it was external program in the day of GPG 2.0. But now it is included as a GPG package. So this slide I explain what's new in 2.1. We have new features ECC support or TOEFL or experimental feature like Web Key Discovery and G13 tool for disk encryption. But usually people don't need to use such a new features. I will explain in next of my talk I will explain about ECC. And in this presentation I only explain major changes of architectural change of GPG. So that when you encounter some issue you know the structure of the GPG. So the public key format has been changed. And the private key format has been changed in 2.1. So now we explain about architectural change. I mean GPG agent does private key operations. And directly manager is now part of UNOBG. And this is the explanation about GPG 1.4. It is only single binary. The user interacts GPG and GPG interacts key servers. And possibly open BGP card or GNUG token, the security token. That's the figure. And it has been changed to this figure in 2.1. Many functionalities are factored out to the library. Live Assume, live KSPA stands for Casper. And live GRIFT and GPG error and new P-flat library. That's a small group to P-flat. And now we have four or five executable. Directly manager, GPG, GPG agent and STDM and P-entry. So the major part of this presentation is that I will explain how these programs interact each other. So please welcome my family and Adrian. He is my friend from Germany. Because GPG is basically German project and it is very popular in Germany. So we are going to change the profile. He is user. And are you mean my daughter plays as a... Yes, she is GPG. And you know that like my family, GPG agent is most important. And behind the scene we have another director. Yes, he handles public key retriever. So I explain three different operations. Actually in this figure we have SCDEMO, which is me. But it is only you know that usually in family the father doesn't do much work but just read manga or something. So I specifically work for token or security smart card support. In this demonstration we don't use token, so I just explain. So the first operation is retriever of public key. So this is the figure of the interaction. Adrian user command, type in command. GPG, iPhone, iPhone, less key, some fingerprint. Yes. So GPG, please receive key. Yes, yes. You see that we have inter process communication. Yes. And he retrieved the key from key server. That's a public key. And Adrian get the public key. And the next thing is verify the signature. Suppose that this is a signature. And the user want to verify this signature. This is the figure. And signature verification can be done by only GPG. Because GPG controls the public key while GPG agent controls private key. Let's do it. GPG, please verify signature. Yes. The last part is the most complex digital signature. It's somehow complicated. Because we have another program, GPG agent, and this represents pin entry. Yes. So it's somehow complicated. But let's do that. Hiroshi, I'm sorry. Hiroshi, I'm dead. GPG, please sign the message. The message goes to the... No, no, no. This is the document. He keeps. And the command goes to the GPG to GPG agent. And the GPG agent has a private key. But she found that it is locked by pathways. So she asks pin entry to ask user's pathways. So pin entry goes to user. What's your pathways? The pathways is open sesame. The pin entries receive the pathways and give the pathways to GPG agent. Then now the private key is enabled. Then she can sign, she can generate digital signature on behalf of Italian. Then the signature goes through the GPG front end. So that's the digital signature generation. That's the explanation of how GPG 2.1 works. So to summarize, everyone somehow relies on GPG. So it is better to have knowledge how it works. And GPG 2.1 is not better. It's for everyone. In Devian, we have a GPG package and it is 2.1. And we have multiple software components, GPG front end, played by my daughter Ayumi, and the GPG agent, played by my wife Hitoe, and directly manager, played by my son Hiroshi. And SCDM, which don't need to work, only need to work when user use token or smart card. So my message is that my point is that GPG evolves and keep evolving just like Devian. And hopefully, so do my GPG. Thank you. Our project, GunaPG, is running fundraising rally. Please have a visit. We have very good movies by my friend Neil, and it is interview to the real GPG users. There are many videos, so please have a look. Please watch the videos. Okay, so thank you very much. In a few minutes, we will continue again with Nive, talking about how to use with elliptic curves. So we have some minutes to shuffle whatever is needed for video or for you to move around and we'll be soon back. And lastly, I have a question to you. Which is either Devian or GunaPG? Actually, it is Devian. Thank you.