diff --git a/keysigning/policy/index.md b/keysigning/policy/index.md
index 935383a..23a6c5e 100644
--- a/keysigning/policy/index.md
+++ b/keysigning/policy/index.md
@@ -39,3 +39,13 @@ I generally only sign keys with trust levels 0x12 and 0x13.
   * I will sign your key if we cannot meet in person but someone I ultimately trust notifies me that you want a signature, and gives me your key id verbally or in person. 
   * I will sign your key without meeting in person if I know you very well personally (such as working with you, going to school with you, family etc.) and we can exchange key fingerprints in another fashion such as over the phone.
 
+## My private master key
+
+My private master signing key is only be used for the following purposes: 
+
+* Add or revoke UIDs
+* Add or revoke subkeys
+* Sign other people's keys
+
+My private master key is generated and stored offline on a clean, air-gapped machine that is always booted fresh with the latest version of [Tails](https://tails.boum.org/). The private master key has never and will never be exposed internet and is protected by a long, secure passphrase.
+
diff --git a/keysigning/policy/index.md.asc b/keysigning/policy/index.md.asc
index 7c282a2..fbaf9d0 100644
--- a/keysigning/policy/index.md.asc
+++ b/keysigning/policy/index.md.asc
@@ -42,19 +42,29 @@ I generally only sign keys with trust levels 0x12 and 0x13.
   * I will sign your key if we cannot meet in person but someone I ultimately trust notifies me that you want a signature, and gives me your key id verbally or in person. 
   * I will sign your key without meeting in person if I know you very well personally (such as working with you, going to school with you, family etc.) and we can exchange key fingerprints in another fashion such as over the phone.
 
+## My private master key
+
+My private master signing key is only be used for the following purposes: 
+
+* Add or revoke UIDs
+* Add or revoke subkeys
+* Sign other people's keys
+
+My private master key is generated and stored offline on a clean, air-gapped machine that is always booted fresh with the latest version of [Tails](https://tails.boum.org/). The private master key has never and will never be exposed internet and is protected by a long, secure passphrase.
+
 -----BEGIN PGP SIGNATURE-----
 
-iQIcBAEBCgAGBQJU4ussAAoJEDUaieQNdj8PlCoP/jFLeGghDgPCoC1KGwT81+Jh
-0K9wbqgXIyXwcIG1xDOf/QFnh+IptJNHBhj2gyNeyuvX3eLIQ7D/QcPs07CRmO8p
-WcGczj2Ez/LmdslkC6RkwmDplRBF+r/j5jDWUnzA4qYqO8TZJdL+9yXP6W5I2h2Z
-N9F74gSjo1/5GwgWc1qA9KSnQj6cSxStS8irXda/iDH0CX4nZqYS8qIklSLGfuHz
-uWGJg1UD94+tppkkDi4bcrSGybQGaFgmuTO7JyYv1Ahs0NIXz/HEA8rABMmuGlVa
-ucqOTsy3cYSwHiERjlc2SKamn6nagRCU2uma63Wau8O/PN8KBw7CgNBesSESx5Mg
-C8ReaP8ZcD8PqCqvYsNF9E3juv9kICSYi1KgwcAHulXd216I3V+f9xczvZUF0h4P
-xxcDiBlLOoAqcqoEu81iRw2QqDyPr17I+v89/260q7CNmbnLDcQBLWB4jcEYK1eP
-gBcnGnkzKML1ZGXR1eBCSX4snPhRJxv6DLvKxqntw98oI3NGR8ug0vGzNsHgB0OH
-SAkeJzl7LhJb+5NDzzKKWXdJfXT11kqSJaFP83qOGwZW4a4h9/DeXtoR+lLde3xK
-KPDdHuXbScJZrsBJJ1LK14p0UcVfcWkpvseig0gTWfSRxJQ/unlT927KhWmx3oVn
-YN8td0U76iFeeXogWeBy
-=RTFG
+iQIcBAEBCgAGBQJU41otAAoJEDUaieQNdj8PZo4QALlrIoTkmCAEk1VJn7t4k8Zu
+9t4rpMCKQywCNwzr7gGnApDoH+XwWfO2xsPnKxmtqwY2RdSPseeDOrP4RCn0mYbF
+DHO5Hm2qhkQz9cGR2j2NV0+b4ITfeXkPUnP3WyNqqKfF/3irNV9bBU1kqzr/V2PD
+PayYWZIaxkvYkRRaLLumklP47oXjaMMcHhrKZCtDukjgG4Yk6efn4mplYIU9Odx/
+LAhDLTnaJgFUgvrfFfznwZUNvD/CIKw40Q74WjH5SknXaVnbLdOhXEmAcfSWeJuc
+D+HInpoi6dvLEWhw4badsyJg0NlBw3Goijt4hRa5x5WqeSAZp0C9BbUAL8kHRywA
+FJSTNn2Yci9fG12Rmd2JhHeJmf7tF4HGFxwIMtu88vC2+Pt02wD1djlHrJ8cZhX4
+/byBHYTJqhmFJywT2XjY3JGxILtgMXR/Fx0u/GgfbNKbF9qHIfRU5sGnpgVPMGNQ
+ZLywudhCxQ4VViu1+DbTa70i1/XsWnJxEakU8WfykveoPC8YHCWj9ELci83iJEjL
+ak5rz0DPrrERyZvZEnNSvxuXW4nPulDvv73Uxvqpy+x6OW/qL+yLWBBtPP6Zz7L1
+sgEtbQNEyZkraikqzyUJ18fGi02Bm/ZKCiZs66BaBArD/qoQyB8L50pIby9bqr8E
+KoiiZCs4pLjny/CjNj2Y
+=54zI
 -----END PGP SIGNATURE-----