Just as a side note, if you want to derive all your PGP keys for the org using the same root entropy, you can do that, and I'm happy to write out docs for that, but as of right now I wrote out…
This can live in the ceremonies repository. I wrote a document about how this repository is set up, and it can be the place where we put all artifacts related to ceremonies:
make reproduce currently fails
@scjudd and I established that something changed in the digests so we are going to commit a new set of sigs. The repo is still deterministic, there must have been a change introduced at some point…
Hmm good point, we could use exFAT or FAT32. I default to ext4 for its nice features but it's unlikely to work with digital cameras.
Meeting in person to verify each other's keys is ideal, but if necessary it can be done remotely. I wrote initial drafts for the docs above, but we can expand them as you see fit.
The keychain repository is just a git repo which has rules around how keys can be added to it. The derivation of the keys themselves is a separate concern. There are now documents for both:
*…
Initial draft of this is done: https://git.distrust.co/public/docs/src/branch/main/quorum-key-management/src/component-documents/keychain-repository.md