GnuPG Key Signing Policy

GnuPG Key Signing Policy of Joel W. Shea

Preamble

This policy is valid for all signatures made using the following primary key.

This key has been made available at hkp://subkeys.pgp.net

---------------------------------- 
pub   4096R/D4D217D4 2007-12-31 
uid      Joel W Shea (Master Signing Key - http://bletcherous.net/gnupg/) 
      Key fingerprint = D805 0965 417F 87C4 D686  11F1 2062 8928 D4D2 17D4

The above primary key is;
- Used only to sign other keys
- Never stored on a machine with network connectivity
- Stored in a 'safe' location when not in use

The following subkeys are general purpose, and never used to sign other keys;

D3E44DED - used for signing messages only.
32BA2419 - used for signing software packages only.
C5346057 - used for encryption.

Pre-requisites

The signee must make their public key available on an accessible keyserver.

You will need to confirm your public key fingerprint, preferably in person using a printed or handwritten hardcopy. If I already know and trust you, I will accept fingerprint confirmation over the phone.

If I do not personally know you, I will will also require some form of photo identification, either an Australian driver's license, or a Passport.

Signing Keys

Once your identity, and key fingerprint have been confirmed, I will send your signed key via encrypted mail, using the public key of the uid(s) you wish for me to sign.

Note: If you are cross-certifying my key, please do likewise, rather than uploading the signed key to a keyserver. (Otherwise, it's unlikely I'll trust your signatures highly).

Signature Trust

The following policy may guide you on how you may trust my signatures.

0 - unknown - I won't sign keys of those who don't have a key signing policy.
1 - none - I won't sign keys of those whom I know to improperly sign keys.
2 - marginal - Key's owner with whom I've verified identification and fingerprints in person, and is also known to properly validate keys before signing them.
3 - full - As for marginal, whom I also trust to keep signing key(s) adequately secured.

Revision

2009-01-18 - Initial release