From 4aa63323fd97eabee2bb55ed56968c9f8ca04498 Mon Sep 17 00:00:00 2001 From: Emelie Graven Date: Fri, 10 Dec 2021 13:27:54 +0100 Subject: [PATCH] Add description, change style of fingerprint --- emelie/index.html | 5 ++-- emelie/pgp/policy.html | 56 ++++++++++++++++++++++++++++++++++++++++ emelie/pgp/policy.md | 43 ++++++++++++++++++++++++++++++ emelie/pgp/policy.md.asc | 53 +++++++++++++++++++++++++++++++++++++ static/style.css | 4 +-- 5 files changed, 157 insertions(+), 4 deletions(-) create mode 100644 emelie/pgp/policy.html create mode 100644 emelie/pgp/policy.md create mode 100644 emelie/pgp/policy.md.asc diff --git a/emelie/index.html b/emelie/index.html index 1c09aea..7214844 100644 --- a/emelie/index.html +++ b/emelie/index.html @@ -5,7 +5,7 @@ Emelie Graven - + @@ -17,6 +17,7 @@

PGP

Public key: Download

-

Fingerprint: 16D3 6E7B FBB0 0641 BBF6 574D 9DEB B56F E610 BAD1

+

16D3 6E7B FBB0 0641 BBF6 574D 9DEB B56F E610 BAD1

+ Key signing policy diff --git a/emelie/pgp/policy.html b/emelie/pgp/policy.html new file mode 100644 index 0000000..c42536b --- /dev/null +++ b/emelie/pgp/policy.html @@ -0,0 +1,56 @@ + + + + + + + +

PGP Key signing policy of Emelie Graven

+ +

Key covered by this policy

+ +
pub   ed25519/0x9DEBB56FE610BAD1 2021-09-27 [SC]
+      Key fingerprint = 16D3 6E7B FBB0 0641 BBF6  574D 9DEB B56F E610 BAD1
+uid                   [ultimate] Emelie Graven <emelie@graven.dev>
+uid                   [ultimate] Emelie Graven <emelie@graven.se>
+sub   ed25519/0xC11123726DBB55A1 2021-09-27 [S]
+sub   cv25519/0xF19DB35B8CF6E9F9 2021-09-27 [E] [expires: 2022-03-26]
+sub   ed25519/0x4FEAE545EC7D8ACB 2021-09-27 [A] [expires: 2022-03-26]
+
+ +

Certification levels

+ +

I use three levels of certification when signing keys. Each certification level also encompasses the requirements of levels below it.

+ + + +

Signing process

+ +

Steps 1 through 2 are only required for casual and positive certification, steps 3 through 5 are always required.

+ +
    +
  1. The signee’s identity is verified according to the requirements.
  2. +
  3. The signee gives me a physical copy of their key fingerprint, or in the case of verification over video chat, the fingerprint is supplied verbally.
  4. +
  5. The signee sends me a signed email from each email address corresponding to a UID they want signed.
  6. +
  7. I will reply to each email with the signed key in encrypted form.
  8. +
  9. The signee decrypts the signed keys and optionally publishes them.
  10. +
+ +

General

+ +

I appreciate if anyone whose keys I sign would return the favour and sign my keys in accordance with their own signing policy.

+ +

Changelog

+ +

2021–11–21: Initial release

+ + + + diff --git a/emelie/pgp/policy.md b/emelie/pgp/policy.md new file mode 100644 index 0000000..c43412b --- /dev/null +++ b/emelie/pgp/policy.md 
@@ -0,0 +1,43 @@ +# PGP Key signing policy of Emelie Graven + +## Key covered by this policy +``` +pub ed25519/0x9DEBB56FE610BAD1 2021-09-27 [SC] + Key fingerprint = 16D3 6E7B FBB0 0641 BBF6 574D 9DEB B56F E610 BAD1 +uid [ultimate] Emelie Graven +uid [ultimate] Emelie Graven +sub ed25519/0xC11123726DBB55A1 2021-09-27 [S] +sub cv25519/0xF19DB35B8CF6E9F9 2021-09-27 [E] [expires: 2022-03-26] +sub ed25519/0x4FEAE545EC7D8ACB 2021-09-27 [A] [expires: 2022-03-26] +``` + +## Certification levels + +I use three levels of certification when signing keys. Each certification level also encompasses the requirements of levels below it. + +* Level 0 (Generic certification) + This type of signature is used to certify that the key holder is in control of the email address of the UID in question. No assertations are made about the key holder's identity. + +* Level 2 (Casual certification) + This type of signature is used to certify that identity of the key holder has been verified with at least one form of government-issued photo ID, or another equally secure means of identification. + +* Level 3 (Positive certification) + This type of signature is used to certify that the key holder is a person I trust and know personally, or that someone I know personally has vouched for their identity. + +## Signing process + +Steps 1 through 2 are only required for casual and positive certification, steps 3 through 5 are always required. + +1. The signee's identity is verified according to the requirements. +2. The signee gives me a physical copy of their key fingerprint, or in the case of verification over video chat, the fingerprint is supplied verbally. +3. The signee sends me a signed email from each email address corresponding to a UID they want signed. +4. I will reply to each email with the signed key in encrypted form. +5. The signee decrypts the signed keys and optionally publishes them. 
+ +## General + +I appreciate if anyone whose keys I sign would return the favour and sign my keys in accordance with their own signing policy. + +## Changelog + +2021-11-21: Initial release diff --git a/emelie/pgp/policy.md.asc b/emelie/pgp/policy.md.asc new file mode 100644 index 0000000..246a36a --- /dev/null +++ b/emelie/pgp/policy.md.asc 
@@ -0,0 +1,53 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +# PGP Key signing policy of Emelie Graven + +## Key covered by this policy +``` +pub ed25519/0x9DEBB56FE610BAD1 2021-09-27 [SC] + Key fingerprint = 16D3 6E7B FBB0 0641 BBF6 574D 9DEB B56F E610 BAD1 +uid [ultimate] Emelie Graven +uid [ultimate] Emelie Graven +sub ed25519/0xC11123726DBB55A1 2021-09-27 [S] +sub cv25519/0xF19DB35B8CF6E9F9 2021-09-27 [E] [expires: 2022-03-26] +sub ed25519/0x4FEAE545EC7D8ACB 2021-09-27 [A] [expires: 2022-03-26] +``` + +## Certification levels + +I use three levels of certification when signing keys. Each certification level also encompasses the requirements of levels below it. + +* Level 0 (Generic certification) + This type of signature is used to certify that the key holder is in control of the email address of the UID in question. No assertations are made about the key holder's identity. + +* Level 2 (Casual certification) + This type of signature is used to certify that identity of the key holder has been verified with at least one form of government-issued photo ID, or another equally secure means of identification. + +* Level 3 (Positive certification) + This type of signature is used to certify that the key holder is a person I trust and know personally, or that someone I know personally has vouched for their identity. + +## Signing process + +Steps 1 through 2 are only required for casual and positive certification, steps 3 through 5 are always required. + +1. The signee's identity is verified according to the requirements. +2. The signee gives me a physical copy of their key fingerprint, or in the case of verification over video chat, the fingerprint is supplied verbally. +3. The signee sends me a signed email from each email address corresponding to a UID they want signed. +4. I will reply to each email with the signed key in encrypted form. +5. The signee decrypts the signed keys and optionally publishes them. 
+ +## General + +I appreciate if anyone whose keys I sign would return the favour and sign my keys in accordance with their own signing policy. + +## Changelog + +2021-11-21: Initial release +-----BEGIN PGP SIGNATURE----- + +iHUEARYIAB0WIQR5E0Gzscqm4KtiPVDBESNybbtVoQUCYZpjcwAKCRDBESNybbtV +oRhFAP9pRxANl6mdmgohtYBWrUrcE3eCJFtDK7PAsVUsiPElSwD/cLxUf/mQ6MZo +9bpXe8zYLZTFOA1Rp4zewbpneIR4CgA= +=KOFA +-----END PGP SIGNATURE----- diff --git a/static/style.css b/static/style.css index d88ae76..501e7ab 100644 --- a/static/style.css +++ b/static/style.css @@ -21,6 +21,6 @@ footer { text-align: center; } -.linkback { - display: none; +.fingerprint { + font-weight: bold; }
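Review bot: In the emelie/index.html hunk, the added fingerprint line drops the "Fingerprint:" label that the removed line carried, so the page now shows a bare hex string under "Public key: Download" with nothing saying what it is. Keep the label in normal weight and apply the new bold styling (the .fingerprint rule added in static/style.css) only to the value, so a reader still knows this is the string to compare against the output of gpg --fingerprint.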
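Review bot: In the Changelog of emelie/pgp/policy.html the date is written "2021–11–21" with en dashes, while policy.md and policy.md.asc both have "2021-11-21" with plain hyphens, so the HTML copy already differs from the signed text. Use hyphens in the HTML as well, and consider generating policy.html from policy.md with typographic substitution turned off, so the rendered policy cannot drift from the version the signature covers.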
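Review bot: Under "Certification levels" in emelie/pgp/policy.md the text says three levels are used but the list is numbered Level 0, Level 2, Level 3, and nothing explains the missing Level 1. Add one sentence saying that level 1 certifications are never issued, so someone inspecting a signature from this key knows how to read it. In the same section, "assertations" should be "assertions" and "certify that identity of the key holder" is missing "the". The sentence that each level encompasses the requirements of the levels below it also sits uneasily with Level 3, which as written can be met by a third party vouching, without the photo ID check that Level 2 requires; say whether the ID check still applies in that case.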
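Review bot: emelie/pgp/policy.md.asc repeats the whole of policy.md inside the clearsigned message, so every later edit to the policy has to be made twice and re-signed, and a forgotten re-sign leaves a published policy that no longer matches its signature. A detached signature over policy.md (gpg --armor --detach-sign) would leave a single copy of the text. The signed body also embeds the full key listing, including the local "[ultimate]" validity markers and the 2022-03-26 subkey expiry dates; those will be out of date as soon as the subkeys are extended or rotated. Stating only the primary key fingerprint in the policy avoids re-issuing it for that reason alone.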
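Review bot: The static/style.css hunk deletes the .linkback { display: none; } rule, which the commit subject ("Add description, change style of fingerprint") does not mention. Any element on the site that still carries class="linkback" will become visible after this change; either confirm that no page uses the class any more and say so in the commit message, or keep the rule and add .fingerprint alongside it. For the new rule, a monospace font-family next to font-weight: bold would make the grouped hex digits easier to compare character by character.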