- Preamble
- Location
- Prerequisites for signing
- The act of signing
- Signing requests of transitions to new keys
This policy is valid for all signatures made by the following GnuPG keys:
pub 4096R/A7EEB609 2011-06-25 Stuart McCulloch Anderson
Key fingerprint: 299B 6F75 C137 950F 031F 5DFA D406 5F5E A7EE B609
The most recent version of this keys is available from the key server at research.nxfifteen.com or for download from My GPG Page
This policy was first written on 2011-06-22 but the policys listed here have been followed since the creation of the key four days earlyer on the 18th. Content and structure of this document are strongly based on the OpenPGP Key Signing Policy of Marc Mutz and Jörgen Cederlöf but have been slightly modified from the original sources.
I live in Dundee (Scotland) and am available to sign keys any time. If you want to arrange for a key-signing, your best chance of meeting me is in or near Dundee. Occasionally I'm in St.Andrews, Cupar and Perth. I can be reached thru the /feedback form on this site, Just be sure to include the phrase 'key-signing' in the subject line. I am also listed at biglumber.com, a webpage about key signing coordination. Meetings at computer related fairs are possible as well.
Usually I keep track of upcoming events where it would be possible to meet in order to sign keys at /about/me/events
The signee (the key owner who wishes to obtain a signature to his/her key from me, the signer) must make his/her OpenPGP key available on a publicly accessible keyserver (see above for example keyservers).
The signee must prove his/her identity to me by way of a valid identity card or a valid driving licence. These documents must feature a photographic picture of the signee. No other kind of documents will be accepted. This also implies that the signee's key must feature his/her real name in order to be checked up on his/her identity card. A key which only contains a pseudonym will not be signed.
For people from outside the European Union I will check both of these two tokens (since I cannot assess their risk of fraud). Exceptions may be made if there is a good reason for me to do so.
The signee should have prepared a strip of paper with a printout of the output
gpg --fingerprint 0x12345678
(or an equivalent command if the signee does not use GnuPG) where 0x12345678 is the key ID of the key which is to be signed.
A handwritten piece of paper featuring the fingerprint and all UIDs the signee wants me to sign will also be accepted.
The above must take place under reasonable circumstances (i.e. ourselves not being in a hurry, exchanging key data at a calm place and so on).
After having received sufficient proof of identity I will sign the signee's piece of paper myself to avoid fraud, and eventually sign the signee's key.
The signed keyblock will then be mailed to the signee, or uploaded to a keyserver if expressly wished.
Key signing is performed on the understanding that the act of signing is mutual. If the signee fails to sign my key in return I reserve the right to revoke my signature from their key.
I have been asked what my position is towards requests from people (whose keys I had already signed) to also sign their new keys.
In principle, I agree to the procedure when I am reasonably sure the request is not bogus/a scam, and the following conditions are met:
Any signing request of transition to a new key
- must at least be signed by the still valid original key (which I also signed),
- the new key must also be signed by the still valid original key (which I also signed),
- the owner of the new key must cross-sign my keys in return with the new key first,
- the new key will receive the same level of signature as the still valid original key (which I also signed).
However, such a signing request may be declined without giving reasons. If unsure, enquire first.
A level of 3 is given to sign-and-encrypt keys: I have met the signee in person, I have verified his identity card (passport, or driving licence) and his key's fingerprint. I was also able to send my signatures encrypted with the corresponding key of the signee. These signatures are the strongest in my web of trust.
Photographic UIDs are also going to be signed with a level of 3 if I can still remember the signee's face when I will be back at home.
I will also sign keys at level 3 when I know the signee personally, I do not require ID card or the above formal procedure. A meeting where we exchange fingerprings is enough. Naturally, it would be extremely hard to trick me into signing a false key this way.
A level of 2 is given to sign-only keys. It is not clear to determine if the owner of the mail account is the same as the key owner because encryption cannot be used, hence the signatures only receive a lower level of 2.
If I have had contact with someone through signed or encrypted e-mail over a time long enough to rule out at least temporary man-in-the-middle attacks, and I have verified the key with a key downloaded from his/her personal web page, or signed emails/fingerprints on public mailing lists, but I have not met the person or verified the key in any other way, I may sign the key with cert check level one.
A level of 0 is given to keys of Certification Authorities since in most cases the key owner is a whole organization and not a single person. Usually the fingerprints of those keys have to be verified by getting them from the corresponding website of the CA and cannot be checked by exchange with a member of the CA who is in charge. These signatures are the weakest in my web of trust.
You can use the pathfinder of Henk P. Penning at http://pgp.cs.uu.nl/ which gives you a simple text printout:
If you like graphics you surely want to try out Jörgen Cederlöf's Wotsap:
Here are some links which you may find useful or interesting:
- Key signing policies of other people:
- Marc Mutz
- Jörgen Cederlöf
- Olaf Gellert
- Marc Haber
- Jürgen Nieveler
- Thomas Bader
- Sebastian Inacker
- Markus Reichelt
- Version 1.0.0, 2003-05-31
- Initial Release.
Copyright (c) 2011 Stuart McCulloch Anderson.
Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation.
Recent comments