====== 2021-12-01 ====== ===== Anwesenheit ===== lux, spacekookie, yuka, nikky, nest, multi, stephie, bibor, codezero, hexchen, ralisi, yrrsinn, zotan, gyrosgeier, mitch ===== TOP1: Lux & Yuka music ===== * kookie donated their old NAS running on core.lan * Synchronised MPD setup with snapcast * A cable exists on the shelves behind the antifa flag to plug phones / playback devices into * Documentation in the wiki ===== TOP2: Bibor's email ===== * Point #1 of the e-mail * Last plenum discussed problems with opening up the space regularly again * Another problem: different parts of the community don't know each other * From a community-building perspective this is kinda sad (and got worse with covid) * A trust problem: it's hard to trust everyone in the space if you don't know them * Problem solving becomes hard when we don't know/ trust each other * Point #2 of the e-mail * Who are current key members? How and when do we revoke keys? * Idea: revoke access, and re-build access based on rules * People who come regularly have keys * People who come once a year might not need one * Plenum decides? * This requires personal availability at the plenum * Lux: someone who has a key should be part of the plenum structure * If we revoke keys we need to very quickly re-issue keys * Keep track of who has keys now and don't revoke en-mass * Hexchen: Mark all keys for revocation with 3 months timeout * Kookie: key revocation good, regular key-debounce bad. Who is going to enforce this? * Why do we need more bureaucracy? * We need trust and we need people to know how to act in the space, not regulations that need to be enforced. * Zotan: reasonable distance? * In Berlin several times a month, but lives 300km away. Does this disqualify them from a key? * Bibor: probably that's fine. This is a conversation we need to have * "Reasonable" is a very vague term * Hexchen: In muccc key requesters need to be known by the community * being proposed by another person or coming to plenums * but not strictly enforced in every case * Yrrsinn: * We have had key revocations before. Bureaucracy needs to be enforced and is hard * Key request is a good incentive to come to plenums * Plenums are a good place to build the community * Suggestion: every 12 months we revoke keys * Bibor: * Not a fan of regular revocation will result in chaos, so probably not feasible * This round will result in chaos * Agrees with Hexchen: no hard requirements * Important: plenum has to agree that you get a key. This ensures that the person is trusted * Additionally: this is a list of criteria the plenum should think about * Lux: summarise a few things * Convinced we won't be able to enforce a yearly reset * Likes idea the plenum hands out keys * Maybe add more plenums on a different week day * One-time reset will produce chaos and we need to think about how to deal with this * Kookie: * Generally a good idea that the plenum hands out keys * Questions: If you're part of a plenum, would you actually reject people? * Is there going to be a vote? Are you going to argue about it? [...] * The plenum shouldn't decide (accept|reject) * Regular key revocations would be a bit of a nightmare, should be avoided * Steph: * There should be a way to revoke keys individually on a technical level * Needed to make the key system sustainable * Ralisi: * Proposing liberal ways of handing out keys (not against it) * Will we end up in the same situation as we are now? * How are we handing out keys currently. Kookie: we're not * Hexchen: * Idea from Edinburgh: to get a key N number of existing key members have to propose you to get a key * Builds a web of trust without liberally giving out keys * Don't have to vote at a Plenum * Yrrsinn: * Plenum definitely shouldn't decide about a person * Existing key members vouching for new key members should be enough * Still a fan of yearly revocations (key harvest festival) * "San Francisco is over" * Bibor: * Key-vouching idea is great * Does 2 things: establish web of trust and plenum can associate a face with a key * Nikky: If we do we even bootstrap a regular reset? * Yearly key-harvest festival * Key bootstrap is relevant whether we do one or we expire them * One suggestion for a reset: * Everyone at this plenum keeps * Separate technical from social problem * Lux(Summary): we appear to have consensus * Give out new keys by having 2 vouching key-members * Also let them introduce themselves at a plenum * Lux: do we want to revoke keys? And if so, how? * Kookie: * Wait until next plenum to revoke keys * We should also try to figure out a way to decentralise this process * Lux: * We need a way to bootstrap the new key system * But physical keyholders shouldn't turn into starting point of new key system * Bibor (recap): * Key revokation ok * New procedure to hand out key * Two existing key holders people vouch for new key holders (on a plenum? on the mailing list?) * Person shows up at plenum and says hi * We haven't agreed on the bootstrapping process yet * One-time bootstrap would give anyone now having a key keeping their key * Lux, spacekookie, yuka, gyrosgeier, bibor, yrrsinn, mitch, codezero * Repeated re-bootstrap process is to be determined (also do we want this even?) * Question: what about people who have a physical key but aren't on this list? * Action Item - Vorstand * Find out a way to find out who has physical keys * Action Item - "New Key Issueing Act" group: * Bibor, spacekookie, hexchen will draft the rules and announce the policy * Action Item - find out technical details of key system * spacekookie and hexchen will find out how the system works * Pres ent information at the next plenum ===== TOP3: physical presence during the pandemic ===== * We can't check tests but we can check the vaccine certs * Rule idea: everyone in the afra is entitled to check all vaccine certificates of everyone present * Is this something people at the afra can agree on? * Yuka: change request everyone present can ask a key-holders to check the cert * Certs can leak sensitive information * Not everyone should have the right to do that * Reason for key-holders doing this is that there is additional responsibilities * Codezero: * Not sure whether we can legally //not// checking certs * Lux: * The AfRA doesn't fall under any of the categories **as long as we don't organise events!** * So we don't have to check vaccine certificates * Yrrsinn: * Assumption based on: AfRA is not open and only members can come here. * Thus the AfRA is not a public spacec * But: this is all complicated and none of us are lawyers * Bibor: self tests are extremely unreliable and not a layer of security * Yrrsinn: * Rule at the office: if you show any symptoms of the flu, don't come into the AfRA * Zotan: All rapid anti-gen tests are unreliable * Lux: * if you felt sick recently stay away for a few days (or have a PCR test) * //technically// if you have a red CWA tile you can get a free PCR test * Decision consensus: Key holders can be asked to check vaccine certificates ===== TOP4: MORE PLENUMS ===== * Maybe have more than 1 plenum a month * Have the second day rotate so it's not //just// Wednesday * More smaller plenums * What we currently have works, but we can add something on top of it * **Opinion poll shows consensus** * Action Item: Lux and Yrrsinn will go away and present a new plan next plenum ===== TOP5: RC3 and chill planning ===== * Have an RC3 experience at the AfRA with bean bags * Run this as a 4-day event * **We shouldn't announce this anywhere** * Gyrosgeier suggests we make it dependent on the COVID situation * The plenum trusts Gyrosgeier to make the correct choice about organising this ===== The plenum ended at 21:44 =====