Learning from our keyring: What do our PGP keys say about the project? - Debconf 16

NUUG
https://debconf16.debconf.org/talks/22/
Editor: Petter Reinholdtsen
Category: Samfunn
Uploaded: 21 Jul 2016
Length: 0:34:41 (filler)
First broadcast: June 30, 2017, 5 a.m.

Since the keyring-maint team started aggressively pushing for the retirement of short, obsoleted PGP keys two years ago, I started trying to get the keyring to "spew" some interesting data for us. Besides just showing the evolution on the number of keys conforming to our current best-practices, I started looking at the ugly entanglement of our keyring's graphical representation, and started hypothetizing what caused certain patterns to appear in its evolution. I am currently starting to do some aging and vitality analysis on the signatures and the keys themselves.

The work I will be presenting is not likely to be a gamechanger for Debian, but it can be an entertaining way to understand social relationships in our project, and can lead us to understand some important turning points — maybe even forsee and prevent issues from arising at all.

Talk (20 mins) session with Gunnar Wolf during Debconf 16