The key ceremony for the REEP service took place on 2014-05-18 after the REFEDS meeting in Dublin, Ireland.
I witnessed this ceremony and was convinced that the key attached to this post as a self-signed X.509 certificate was generated during the ceremony within the hardware security module in Sweden that will be used by the REEP service to sign metadata served by it. To certify this, I have generated a detached signature file for
reep.pem using my PGP key.
To the extent that you trust me to have taken care while witnessing the ceremony, you may find that validating my signature on
reep.pem gives you some comfort that metadata documents signed by the private key associated with
reep.pem are, indeed, legitimate outputs of the REEP service.
As an aside about the ceremony itself, proof that a particular computational event has occurred in a particular way is almost impossible in a world of networking and virtual machines. We've known this for a long time: the paranoia goes back at least as far as Ken Thomson's Reflections on Trusting Trust. We're not quite living in The Matrix, but the evidence of ones senses doesn't really go very far towards absolute proof. So what the other witnesses and I did during the ceremony — all we could do, really — was gain confidence by asking questions, taking photographs of the steps and trying to think of ways to validate them. For example, I was later able to verify that the
pkcs11-tool command being used was indeed the one which would be installed on a system running 64-bit Ubuntu 12.04. Unless, of course, Leif foresaw that trick and subverted the
md5sum command as well. It's turtles all the way down.