graffen.dk-website/keysigning/policy/index.md.asc

71 lines
3.2 KiB
Plaintext
Raw Normal View History

2015-02-17 07:19:15 +00:00
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- ---
layout: default
- ---
# GPG Keysigning Policy
## Key Information
pub 4096R/0x84170D85CAEBD4B2 2014-10-15
Key fingerprint = 03CD 582F 13C0 682C 8F52 9C05 8417 0D85 CAEB D4B2
uid [ultimate] Jesper Hess Nielsen <jesper@graffen.dk>
uid [ultimate] Jesper Hess Nielsen <mail@jesperhess.com>
uid [ultimate] Jesper Hess Nielsen <graffen@keybase.io>
sub 4096R/0x351A89E40D763F0F 2014-10-15 [expires: 2017-02-12]
sub 4096R/0x72CA3526265EE03C 2014-10-15 [expires: 2017-02-12]
sub 4096R/0x34516323BA9366C2 2014-10-15 [expires: 2017-02-12]
## Key Signing
I am willing to sign keys at keysigning parties and conferences. Please, do not email me requesting that I sign a key if we do not already know each other.
## Signature Requirements
I am willing to sign the following types of keys:
* Personal Keys
* Group and Shared Keys
* Corporate Keys
* Pseudonymous Keys
## My requirements per signature trust level are as follows
I generally only sign keys with trust levels 0x12 and 0x13.
* 0x12: I have done casual checking
* I will normally only use this level for company and pseudonymous keys.
* I will use this level if I cannot safely verify your identity. For example if you hold a foreign identification that I do not recognize or cannot safely verify the authenticity of.
* 0x13: I have done very careful checking
* I will sign your key if we meet in person and exchange Danish government-issued identification and key fingerprints if we don't know each other.
* I will sign your key if we cannot meet in person but someone I ultimately trust notifies me that you want a signature, and gives me your key id verbally or in person.
* I will sign your key without meeting in person if I know you very well personally (such as working with you, going to school with you, family etc.) and we can exchange key fingerprints in another fashion such as over the phone.
## My private master key
My private master signing key is only used for the following purposes:
* Add or revoke UIDs
* Add or revoke subkeys or change expiry
* Sign other people's keys
2015-02-27 11:32:37 +00:00
My private master key is generated and stored offline on a clean, air-gapped machine that is always booted fresh with the latest version of [Tails](https://tails.boum.org/). The private master key has never and will never be exposed to the internet and is protected by a long, secure passphrase.
2015-02-17 07:19:15 +00:00
-----BEGIN PGP SIGNATURE-----
2015-02-27 11:32:37 +00:00
iQIcBAEBCgAGBQJU8DnbAAoJEDUaieQNdj8Pw1cP/2vxxnD5OlWIv3PAGAi5U0A+
zW0qOVNBXfZg2VEs4MN+56N/LMEHd+T5LhZGx+vjXI1kIHWz6lc8xan0cWFN3uQ2
qVtKlbMLBQoly6H2DjLtuhAsukfBmGq2C+XRFptnfmv9geR5LaeyTrcDHxz4qJZl
J/+YIJ2vnkls9eyjdg5PHhj/OXLyi/h/mZJeSG06W4EJ33Am3GK95x5hlW5Cw9Dh
sNRywlaO9S8MbM6lKNvxINbt1ckD64moxNvohY7yFciUP4zqXP6Ax9fPvi1/08sg
+5ONgO24QfRduKZMwJT6jBarnvGxN23WtAs0ukomMTj+UZ0czCuYw6uRd/2xnKaK
zyI0D+9+8Zrd3efx0crrFly/E63By9PkJ0rf0BZg42XOSFet14EChpMliNnXQgI2
dvZzkNXOOWgxXvGNen01OA2VdR7KKvYyuemGyBRl4JwF0c9dqaRsl0AzSpfkT6hZ
4lLjJ/D1eFWGUKrmKHG7FEOosalRD0LU4o3NeKBZ2JwPJOESxT89txxQ5gSI+Z98
6z43GR8SbWcPcSP7eIYXtu2QV/a81RwZzsz2iVkfVJVfgo78EGEJlTui/N25uFYl
NromnMxoxZ7Wn0z2nFCFyCIygLlF363PJePnVuUx0NRrskwCyKBnO7mN7UUnUylL
yq04VROlYMwBf1hBvMPO
=EzIe
2015-02-17 07:19:15 +00:00
-----END PGP SIGNATURE-----