I tend to dress quite casually - unless there's a good reason to do otherwise I'll be in jeans and a t-shirt, or something similar. I'm comfortable in it and I take the view point that in general people shouldn't be making assumptions based on what I'm wearing. Of course they do, and while this can be infuriating at times it can also be amusing. The man at the RBoS who witnessed me signing the personal DD guarantee form for Black Cat obviously couldn't reconcile my appearance with what I was there to do, for example.

I'd never thought about this from the other side until a few weeks ago. I spoke to someone who explained how difficult it had become to conduct business meetings with other companies with the increased level of business casual. In fact on occasion different branches of the same company that he'd be meeting with would have different dress codes, so he'd go to something involving casual dress in the morning and something with full business suit attire in the afternoon and end up feeling over or under dressed.

This isn't likely to make me change my own behaviour in the immediate future (I don't have to interact with external parties as part of my current job). It did help me realise that there was another explanation for awkward behaviour when I'm my usual scruffy self that wasn't just about judging on appearances though.

(All of the above blatantly obvious once you think about it, but it took that conversation for me to do so.)

Finally back home post DebConf9; felt reasonably productive and I have a lengthy todo list which I've even written down and started work on. More on that when any of them come to fruition.

Very much enjoying the return to easily accessible decent tea and salad/other vegetables. I haven't eaten any fish since my return and hopefully won't for at least a few days. Also I feel the need for an alcohol free week so my liver can recover. Back to work tomorrow - what is it I do again? Also, bets on how my cow orkers will react to my purple hair?

I'm off to DebConf next Thursday. I'm looking forward to it; I could do with a change of scenery and some time with friends. I'm having my usual "What do I need to bring?" worries and I got to wondering about which laptop to bring - since last year I've gained an EEE 901, but I still have my Toshiba R200.

In general I'm using the EEE these days when I'm not using my desktop - it's much more convenient to throw in an overnight bag. However the keyboard and screen are too small for hard core use. Which suggests I should take the R200. Except the EEE battery life is great and a small laptop is handy for use in talks. So I think I'll bring both. Which led me to think about the fact I don't use the R200 that much these days and why that is. And it's partly about all the various bits that live in my home directory that mean switching machine is a sort of context shift. That applies to my desktops too.

And then I had a thought. Both laptops have built in SD readers. So do both of the desktops I regularly use. Why not just put my home directory on an SD card? These are machines that I don't log into remotely, so the card being removed when I'm not in front of the machine isn't a problem (it means I have to log out, but I think that's acceptable). I'm not totally sure of the speed of the readers in the various machines, but I guess the best way to find out if it's doable is to try it.

So, various things to ponder:

• Card size. Do all my readers support SDHC? In which case I should get an 8G or 16G card. Otherwise 1G is probably the safest maximum size? I suppose I can order one of each; they'll get used somewhere even if it's not for this.
• Card make. I don't want something that's going to die after a week of use; I'll try to ensure cache directories and similar are symlinks to a local piece of storage but I don't have a feel for the number of writes my home directory normally sees. I like Crucial for RAM. How's their flash? Integral? Or just bite the bullet and accept Sandisk are going to be best, if pricey?
• Filesystem. ext3? Or will the journal kill the card faster - I understood this was less of a concern these days. Are ext4 or btrfs ready for this sort of use? Perhaps this is the right time to try; I can keep backups on every machine that uses the card easily enough.
• Crypto. I may as well encrypt the card for security as I doubt that'll end up being the bottleneck for access. Is dm-crypt the right thing? libpam-mount looks like it might let me tie things together in a simplish fashion.
• Union mount? It might be nice to have a basic home directory on every machine so I can login even if I don't have my card with me. Or have local configuration bits specific to each machine. Perhaps something for a bit further down the line - I'm not sure any of the unionfs options are in mainline kernels yet?

I suppose I'll do some card manufacturer investigation and try and get a couple of cards ordered in time to play with over DebConf.

I've known I was going for a while, but only finally booked the holiday off work and had it approved last week (unfortunately they're not giving me the time for free like last year. :( ). I'll be there for DebConf proper (ie 23rd until 31st). In the unlikely event anyone else is flying DUB<>MAD my flights are:

2009-07-23 06:00 (DUB) -> 09:30 (MAD) FR 7158
2009-07-31 20:15 (MAD) -> 21:50 (DUB) EI 595

I'm on the 16:25 Talgo from Madrid and then the 09:25 back on the 31st. Looks like I'll have company from the train booking page.

Also I've been doing the first draft of the room allocation. If you're expecting to stay at DebConf organised accommodation you should check your name is on this list with the expected dates, and email rooms@debconf.org if it's not.

With all the discussion about SHA-1 weaknesses and generation of new OpenPGP keys going on there's some concern about how the web of trust will be affected. I'm particularly interested in the impact on Debian; while it's possible to add new keys and keep the old ones around that hasn't worked so well for us with the migration away from PGPv3 keys. We still have 125 v3 keys left, many of them for users who also have a v4 key but haven't asked for the v3 key to be removed or responded to my email prodding them about it. I don't want to repeat that.

So if we're looking at key replacement we need to have some idea about where our Web of Trust currently stands, and what effect various changes might have on it. I managed to find the keyrings Debian shipped all the way back to slink and ran the keyanalyze and cwot stats against them. I then took the current keyring, pull in all the updates for the keys in it (so that any signatures from newly generated keys would be included) and ran the stats again. Finally I took details of 12 key migrations (mostly from Debian Planet but also a couple of others I knew about) and calculated what the effect of removing each key would be. These stats are cumulative and I replaced the most well connected (by centrality) keys first.

The results are below.

• Total is the total number of keys in the keyring
• SCS is the largest Strongly Connected Subset
• Reachable is the largest reachable subset
• MSD is the Mean Shortest Distance
• Centrality is the average centrality for the reachable subset
• update-foo indicates that foo's key was replaced with a newer one

This is actually more hopeful than I thought. There's an obvious weakening as a result of the migrations, but the MSD stays under 3 and the centrality stays fairly constant too. The reachable/SCS counts do decrease, but at this point it looks fairly linear rather than an instant partition. Of course the more keys that are removed the more likely this is to drop off suddenly. Counteracting that DebConf9 is coming up which will provide a good opportunity for normally geographically disperse groups to cross sign, reinforcing the WoT for these new keys.

Either way I at least have a better handle on the current state of play, which gives me something to work with when thinking about how to proceed. For now, bed.