Your step 1 imposes an arbitrary amount of work on the person running
the keysigning, as they have to manually download keys from random
locations, instead of running a simple for loop over the fingerprints
collected from the DebConf22 registration data to fetch them from
keyservers.