Skip to content
/ pgp Public

πŸ”‘ βš–οΈ smkent's PGP key and key signatures policy document

Notifications You must be signed in to change notification settings

smkent/pgp

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

2 Commits
Β 
Β 
Β 
Β 
Β 
Β 

Repository files navigation

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Document version: 2016.09.27 (history)

PGP Key

My PGP public key fingerprint is 0342 C809 99FB 1A06 FD0F 9533 8392 C992 D925 00A9.

The source of this document is signed with that key. Please verify that the signature is still valid. Verification of the current version of this document can be performed using GnuPG:

gpg --recv-keys 0x0342C80999FB1A06FD0F95338392C992D92500A9
wget -O- https://github.com/smkent/pgp/raw/master/README.md | gpg --verify

To verify a prior version, replace master in the above URL with the git commit ref corresponding to the version you would like to verify.

Key signing policy

I am willing to sign PGP keys when provided with sufficient proof of identity and private key ownership.

I use the PGP key signature levels are as follows:

  • I do not create new level 0 signatures ("I will not answer"). Existing level 0 signatures predate the existence of this document and indicate that the key owner is well known to me.
  • I do not create level 1 signatures ("I have not checked at all").
  • I create signatures at level 2 ("I have done casual checking") and level 3 ("I have done very careful checking").

See below for how to request a signature. If you request that I sign your key, please be willing to sign my key as well.

I have done very careful checking (Level 3 signature)

  • I am willing to sign your key if you are personally well known to me.
  • I am willing to sign your key if we exchange full PGP key fingerprints and government-issued photo IDs, either in person or via end-to-end encrypted video conference. Acceptable photo IDs are one of a United States passport, state driver license, or state ID card.

To request a level 3 signature, contact me at the e-mail address in my public key.

I have done casual checking (Level 2 signature)

I am willing to sign your key if you provide me with a color scan that includes the following:

  • A government-issued photo ID (United States passport, state driver license, or state ID card). Only your name and the photo are needed to verify your identity, so you may conceal or remove additional personal information if you prefer.
  • A handwritten copy of both your full public key fingerprint and e-mail address.

To request a level 2 signature, send a signed and encrypted e-mail containing the above information to the e-mail address in my public key.

Signature creation and delivery

After meeting the above identity verification requirements, I will individually sign each of the UID(s) corresponding to your identity and e-mail an encrypted copy of your public key for each signed UID to its corresponding e-mail address. You must decrypt the signed key(s), which provides sufficient proof that you control the corresponding private key.

PGP key signatures I create do not expire.

I reserve the right to not sign a particular key or UID at my own discretion.

References

Document history

This document may be revised at any time. Material changes to my key and/or signing policy are listed here. For all document changes, please see the repository's commit history.

  • 2016.09.27: Initial document published
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEELzwhe+BXPUKPZyKW62lgIps+KmsFAl/qVw0ACgkQ62lgIps+
KmtIQg/+Lw3/kxOJaqFyYY+y3ahDvXSHcO2aSLktpnBmNNNRsaZKFh+vPBIMoVLL
QUN24q7OrB3x3+oablKmd1WT5vKIuM4FLOUmkT0ZZ5O4P5ZuLjInYA1/0JtSc4R4
jsCOjaNEYtJSU1IY+0yEoeJMQgZXi04ctDFAofW0kUpQOgO5ULhqgCCY0CmxI/lj
k/WQqqe83K7jGQM7kKlTDMXCxkQyYyLipwnTsWODdPrkV1lWCMVVhvvNuRFBiDCr
l6bAYIYHleKEzKKN6Woown3Kb+PzHbGbPZKmgQ2xAzOw+uxxSdTe/vzbi10Ge9l9
U8Jl/nQwKjsIAyC2PDI6Qm8A39xPzPtURxknK1v8KrBZnnLdIVdH5Xu+yW2J/UyW
x7Yx2KvWO6bUdEkcfsfa9T6Mg2jZcBeVL4Y4n8rBfTw1tZy9BvSnYxZGXPY0NvyV
A5em1bd7Mhie1m9wz1Ir0RrKjxWp19GQSeOouHEPIgWKVtsyI5o6f2qwnGkEAY0m
q/5QrUrjsJ/jkRSPZVUFov3+VU/d8+3wWHOx4V5eOaXNeNzqg5ocdxwKHH4XJXx/
Scaozr9qhZzpzM30A02NJXjdN9LkR/XWd7L5sFo+Nh9HeV0+OsWVCx4OYjimx0q/
s7mfDjRDNt+6kvAXhEYT+QDYOxoAcwOaljS/bKDhQjMu/9XTuFY=
=lFqU
-----END PGP SIGNATURE-----

About

πŸ”‘ βš–οΈ smkent's PGP key and key signatures policy document

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages