DebConf 23 Key Signing + setting up a new key

I’ve just finalised the OpenPGP key list for the DebConf 23 Keysigning party. This will follow the “new style” approach of being a continuous keysigning throughout the course of the conference, with an introduction session up front to confirm no one’s fingerprint is corrupted and that we all calculated the same hash of the file. Participants will then verify each other’s identities over the conference week, hopefully being able to build up a better level of verification than a one shot key signing session.

Those paying attention will note that my key details have changed this year; I am finally make a concerted effort to migrate to an elliptic curve based key. I managed to bootstrap it sufficiently at OMGWTFBBQ, but I’m keen to ensure it’s well integrated into the web of trust, so please do come talk to me at DebConf so we can exchange fingerprints!

pub   ed25519 2023-08-19 [C] [expires: 2025-08-18]
      419F B4B6 567E 6EF7 DEAF  80A0 9026 108F B942 BEA4
uid           [ultimate] Jonathan McDowell <noodles@earth.li>

(I’ve no reason to suspect problems with my old key and will be making a graceful changeover in the Debian keyring at some point in October after I’ve performed the September keyring update; that’ll give things a couple of months to catch up before it’s my turn to do an update again.)

OMGWTFBBQ 2023

A person wearing an OMGWTFBBQ Catering t-shirt standing in front of a BBQ. Various uncooked burgers are visible.

As is traditional for the UK August Bank Holiday weekend I made my way to Cambridge for the Debian UK BBQ. As was pointed out we’ve been doing this for more than 20 years now, and it’s always good to catch up with old friends and meet new folk.

Thanks to Collabora, Codethink, and Andy for sponsoring a bunch of tasty refreshments. And, of course, thanks to Steve for hosting us all.

listadmin3: An imperfect replacement for listadmin on Mailman 3

One of the annoyances I had when I upgraded from Buster to Bullseye (yes, I’m talking about an upgrade I did at the end of 2021) is that I ended up moving from Mailman 2 to Mailman 3. Which is fine, I guess, but it meant I could no longer use listadmin to deal with messages held for moderation. At the time I looked around, couldn’t find anything, shrugged, and became incredibly bad at performing my list moderation duties.

Last week I finally accepted what I should have done at least a year ago and wrote some hopefully not too bad Python to web scrape the Mailman 3 admin interface. It then presents a list of subscribers and held messages that might need approved or discarded. It’s heavily inspired by listadmin, but not a faithful copy (partly because it’s been so long since I used it that I’m no longer familiar with its interface). Despite that I’ve called it listadmin3.

It currently meets the bar of “extremely useful to me” so I’ve tagged v0.1. You can get it on Github. I’d be interested in knowing if it actually works for / is useful to anyone else (I suspect it won’t be happy with interfaces configured to not be in English, but that should be solvable). Comment here or reply to my Fediverse announcement.

Example usage, cribbed directly from the README:

$ listadmin3
fetching data for partypeople@example.org ... 200 messages
(1/200) 5303: omgitsspam@example.org / March 31, 2023, 6:39 a.m.:
  The message is not from a list member: TOP PICK
(a)ccept, (d)iscard, (b)ody, (h)eaders, (s)kip, (q)uit? q
Moving on...
fetching data for admins@example.org ... 1 subscription requests
(1/1) "The New Admin" <newadmin@example.org>
(a)ccept, (d)iscard, (r)eject, (s)kip, (q)uit? a
1 messages
(1/1) 6560: anastyspamer@example.org / Aug. 13, 2023, 3:15 p.m.:
  The message is not from a list member: Buy my stuff!
(a)ccept, (d)iscard, (b)ody, (h)eaders, (s)kip, (q)uit? d
0 to accept, 1 to discard, proceed? (y/n) y
fetching data for announce@example.org ... nothing in queue
$

There’s Debian packaging in the repository (dpkg-buildpackage -uc -us -b will spit you out a .deb) but I’m holding off on filing an ITP + actually uploading until I know if it’s useful enough for others before doing so. You only really need the listadmin3 file and to ensure you have Python3 + MechanicalSoup installed.

(Yes, I still run mailing lists. Hell, I still run a Usenet server.)

Figuring out the right card for foreign currency transactions

While travel these days is much reduced I still end up in Dublin regularly enough (though less so now I’m not working directly with folk there), and have the occasional US trip. Given that I live and work in the UK, and thus get paid in GBP (£), this leads to the question of what to do about USD ($) and EUR (€) transaction. USD turns out to be easy; I still have a US account from when I lived there and keeping it active has, so far, not proved to be a problem.

EUR is tricker. In an ideal world I’d find a fee-free account that would allow normal Eurozone transfers and provide me with a suitable debit + credit card for use while travelling. I’ve found options with a fee, but I don’t have enough Euro transactions to make it worthwhile.

A friend pointed me at the HSBC Global Money debit card, which claims no fees for currency conversions from £ and competitive rates. As I already have an account with HSBC it was easy to sign up to try it out. And, having recently been on trip to CenterParcs, I had the perfect opportunity to compare it to my (and my wife’s) existing cards to see how the rates played out. In particular I’ve always meant to figure out if the cards that don’t charge a loading rate end up with the same exchange rate as the cards that do have a separate per transaction charge.

So, armed with the HSBC Global Money card, a Monzo debit card, a Nationwide debit card, and a co-operative debit card, we engage on a week of eating out in the interests of data!

The results will probably shock no one who’s properly looked into this themselves. All the cards were on the VISA network, they all ended up at around £1 → €1.15. According to Xe that was roughly the mid-market rate for the week I was away, so it seems like trusting VISA to do the currency conversion is a reasonable thing to do. The problem comes with the range of charges:

Card Exchange rate Charge %
Co-Op €1.15 2.65%
HSBC €1.15 0.00%
Monzo €1.15 0.00%
Nationwide €1.15 2.99%

This matches what Nationwide claims for its foreign transaction fees, though Co-Op claims 2.75% and the numbers looked more like 2.65% on the small transactions we incurred.

So, the HSBC Global Money card is definitely a decent option. However Monzo is just a good, and has the advantage that it’s a normal current account rather than something slightly different you have to funnel money into. Both are let down by the fact you need to use an app to check your balance etc - Monzo seems to only have extremely basic web access to any of their accounts and HSBC don’t expose the Global Money account at all via web banking, only the phone app.

Finally, what I really want is to be able to do this with a credit card, especially for things like online purchases or staying at hotels. My current credit card suffers from a per-transaction charge, but while looking up the Nationwide debit charge %age to confirm it matched what I saw I discovered that Nationwide credit cards do not charge a fee. So I think I’ll be investigating that for my next trip.

RIP Brenda McDowell

My mother died earlier this month. She’d been diagnosed with cancer back in February 2022 and had been through major surgery and a couple of rounds of chemotherapy, so it wasn’t a complete surprise even if it was faster at the end than expected. That doesn’t make it easy, but I’m glad to be able to say that her immediate family were all with her at home at the end.

I was touched by the number of people who turned up, both to the wake and the subsequent funeral ceremony. Mum had done a lot throughout her life and was settled in Newry, and it was nice to see how many folk wanted to pay their respects. It was also lovely to hear from some old school friends who had fond memories of her.

There are many things I could say about her, but I don’t feel that here is the place to do so. My father and brother did excellent jobs at eulogies at the funeral. However, while I blog less about life things than I did in the past, I did not want it to go unmarked here. She was my Mum, I loved her, and I am sad she is gone.

subscribe via RSS