REEP Key Ceremony
I witnessed this ceremony and was convinced that the key
attached to this post as a
self-signed X.509 certificate was generated during the ceremony within the
hardware security module in Sweden that will be used by the REEP service to sign
metadata served by it. To certify this, I have generated a
detached signature file
reep.pem using my PGP key.
To the extent that you trust me to have taken care while witnessing the
ceremony, you may find that validating my signature on
reep.pem gives you some
comfort that metadata documents signed by the private key associated with
reep.pem are, indeed, legitimate outputs of the REEP service.
As an aside about the ceremony itself, proof that a particular computational
event has occurred in a particular way is almost impossible in a world of
networking and virtual machines. We’ve known this for a long time: the paranoia
goes back at least as far as Ken Thomson’s
Reflections on Trusting Trust.
We’re not quite living in
but the evidence of ones senses doesn’t really go very far
towards absolute proof. So what the other witnesses and I did during the
ceremony — all we could do, really — was gain confidence by asking
questions, taking photographs of the steps and trying to think of ways to
validate them. For example, I was later able to verify that the
command being used was indeed the one which would be installed on a system
running 64-bit Ubuntu 12.04. Unless, of course, Leif foresaw that trick and
md5sum command as well. It’s turtles all the way down.