<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" lang="en">
<head>
<meta charset="utf-8"/>
</head>
<body>
<h1 id="pgpkeysigningpolicyofemeliegraven">PGP Key signing policy of Emelie Graven</h1>
<h2 id="keycoveredbythispolicy">Key covered by this policy</h2>
<pre><code>pub ed25519/0x9DEBB56FE610BAD1 2021-09-27 [SC]
Key fingerprint = 16D3 6E7B FBB0 0641 BBF6 574D 9DEB B56F E610 BAD1
uid [ultimate] Emelie Graven &lt;emelie@graven.dev&gt;
uid [ultimate] Emelie Graven &lt;emelie@graven.se&gt;
sub ed25519/0xC11123726DBB55A1 2021-09-27 [S]
sub cv25519/0xF19DB35B8CF6E9F9 2021-09-27 [E] [expires: 2022-03-26]
sub ed25519/0x4FEAE545EC7D8ACB 2021-09-27 [A] [expires: 2022-03-26]
</code></pre>
<h2 id="certificationlevels">Certification levels</h2>
<p>I use three levels of certification when signing keys. Each certification level also encompasses the requirements of levels below it.</p>
<ul>
<li><p>Level 0 (Generic certification)<br/>
This type of signature is used to certify that the key holder is in control of the email address of the UID in question. No assertions are made about the key holder&#8217;s identity.</p></li>
<li><p>Level 2 (Casual certification)<br/>
This type of signature is used to certify that the identity of the key holder has been verified with at least one form of government-issued photo ID, or another equally secure means of identification.</p></li>
<li><p>Level 3 (Positive certification)<br/>
This type of signature is used to certify that the key holder is a person I trust and know personally, or that someone I know personally has vouched for their identity.</p></li>
</ul>
<h2 id="signingprocess">Signing process</h2>
<p>Steps 1 through 2 are only required for casual and positive certification; steps 3 through 5 are always required.</p>
<ol>
<li>The signee&#8217;s identity is verified according to the requirements.</li>
<li>The signee gives me a physical copy of their key fingerprint, or in the case of verification over video chat, the fingerprint is supplied verbally.</li>
<li>The signee sends me a signed email from each email address corresponding to a UID they want signed.</li>
<li>I will reply to each email with the signed key in encrypted form.</li>
<li>The signee decrypts the signed keys and optionally publishes them.</li>
</ol>
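<p>Steps 3 through 5 carried out with GnuPG, as an added example that is not part of the original policy or the author's own tooling: each UID is certified on its own and returned encrypted to the key being signed. The function names, the throwaway keys and the example.org/example.net addresses are assumptions, and GnuPG 2.2 or later is required.</p>

```shell
#!/bin/sh
# Added example, not the policy author's tooling. Keys, names and addresses
# are constructed throwaways; assumes GnuPG 2.2 or later is installed.
set -eu

# Step 4 for one UID: certify only the UID whose address sent a signed email,
# export the key with just that UID, and encrypt it to the signee's own key.
# LEVEL is the policy level (0, 2 or 3), recorded as sigclass 0x10/0x12/0x13.
certify_uid() {   # certify_uid HOMEDIR FINGERPRINT EMAIL LEVEL OUTFILE
    gpg --homedir "$1" --batch --quiet --default-cert-level "$4" \
        --quick-sign-key "$2" "$3"
    gpg --homedir "$1" --batch --quiet --export \
        --export-filter "keep-uid=mbox = $3" "$2" |
    gpg --homedir "$1" --batch --quiet --yes --trust-model always \
        --armor --encrypt --recipient "$2" --output "$5"
}

# Step 5, signee side: only the holder of the private key can open the reply.
# Prints the packet listing of the returned key.
open_reply() {    # open_reply HOMEDIR FILE
    gpg --homedir "$1" --batch --quiet --decrypt "$2" |
    gpg --homedir "$1" --batch --list-packets
}

new_key() {       # new_key HOMEDIR USER_ID (unprotected test key)
    gpg --homedir "$1" --batch --quiet --passphrase '' \
        --quick-generate-key "$2" future-default default never
}

# Constructed demo: the signee key has two UIDs, only one gets certified.
demo() {
    signer=$(mktemp -d); signee=$(mktemp -d)
    new_key "$signer" 'Signer <signer@example.org>'
    new_key "$signee" 'Signee <signee@example.org>'
    fpr=$(gpg --homedir "$signee" --batch --with-colons --list-keys |
          awk -F: '$1 == "fpr" { print $10; exit }')
    gpg --homedir "$signee" --batch --quiet \
        --quick-add-uid "$fpr" 'Signee <signee@example.net>'
    gpg --homedir "$signee" --batch --export "$fpr" |
        gpg --homedir "$signer" --batch --quiet --import
    certify_uid "$signer" "$fpr" signee@example.org 2 "$signer/reply.asc"
    open_reply "$signee" "$signer/reply.asc"
    for h in "$signer" "$signee"; do
        gpgconf --homedir "$h" --kill all || true; rm -rf "$h"
    done
}

if [ "${1:-}" = demo ]; then demo; fi
```

<p><code>--quick-sign-key</code> matches the given names as case-insensitive substrings by default; prefix the full user ID with <code>=</code> for an exact match when addresses overlap.</p>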
<h2 id="general">General</h2>
<p>I would appreciate it if anyone whose keys I sign returned the favour and signed my keys in accordance with their own signing policy.</p>
<h2 id="changelog">Changelog</h2>
<p>2021-11-21: Initial release</p>
</body>
</html>