Update key signing policy with information about my master signing key and security
This commit is contained in:
parent
73db01d006
commit
5f0662590a
|
@ -39,3 +39,13 @@ I generally only sign keys with trust levels 0x12 and 0x13.
|
||||||
* I will sign your key if we cannot meet in person but someone I ultimately trust notifies me that you want a signature, and gives me your key id verbally or in person.
|
* I will sign your key if we cannot meet in person but someone I ultimately trust notifies me that you want a signature, and gives me your key id verbally or in person.
|
||||||
* I will sign your key without meeting in person if I know you very well personally (such as working with you, going to school with you, family etc.) and we can exchange key fingerprints in another fashion such as over the phone.
|
* I will sign your key without meeting in person if I know you very well personally (such as working with you, going to school with you, family etc.) and we can exchange key fingerprints in another fashion such as over the phone.
|
||||||
|
|
||||||
|
## My private master key
|
||||||
|
|
||||||
|
My private master signing key is only be used for the following purposes:
|
||||||
|
|
||||||
|
* Add or revoke UIDs
|
||||||
|
* Add or revoke subkeys
|
||||||
|
* Sign other people's keys
|
||||||
|
|
||||||
|
My private master key is generated and stored offline on a clean, air-gapped machine that is always booted fresh with the latest version of [Tails](https://tails.boum.org/). The private master key has never and will never be exposed internet and is protected by a long, secure passphrase.
|
||||||
|
|
||||||
|
|
|
@ -42,19 +42,29 @@ I generally only sign keys with trust levels 0x12 and 0x13.
|
||||||
* I will sign your key if we cannot meet in person but someone I ultimately trust notifies me that you want a signature, and gives me your key id verbally or in person.
|
* I will sign your key if we cannot meet in person but someone I ultimately trust notifies me that you want a signature, and gives me your key id verbally or in person.
|
||||||
* I will sign your key without meeting in person if I know you very well personally (such as working with you, going to school with you, family etc.) and we can exchange key fingerprints in another fashion such as over the phone.
|
* I will sign your key without meeting in person if I know you very well personally (such as working with you, going to school with you, family etc.) and we can exchange key fingerprints in another fashion such as over the phone.
|
||||||
|
|
||||||
|
## My private master key
|
||||||
|
|
||||||
|
My private master signing key is only be used for the following purposes:
|
||||||
|
|
||||||
|
* Add or revoke UIDs
|
||||||
|
* Add or revoke subkeys
|
||||||
|
* Sign other people's keys
|
||||||
|
|
||||||
|
My private master key is generated and stored offline on a clean, air-gapped machine that is always booted fresh with the latest version of [Tails](https://tails.boum.org/). The private master key has never and will never be exposed internet and is protected by a long, secure passphrase.
|
||||||
|
|
||||||
-----BEGIN PGP SIGNATURE-----
|
-----BEGIN PGP SIGNATURE-----
|
||||||
|
|
||||||
iQIcBAEBCgAGBQJU4ussAAoJEDUaieQNdj8PlCoP/jFLeGghDgPCoC1KGwT81+Jh
|
iQIcBAEBCgAGBQJU41otAAoJEDUaieQNdj8PZo4QALlrIoTkmCAEk1VJn7t4k8Zu
|
||||||
0K9wbqgXIyXwcIG1xDOf/QFnh+IptJNHBhj2gyNeyuvX3eLIQ7D/QcPs07CRmO8p
|
9t4rpMCKQywCNwzr7gGnApDoH+XwWfO2xsPnKxmtqwY2RdSPseeDOrP4RCn0mYbF
|
||||||
WcGczj2Ez/LmdslkC6RkwmDplRBF+r/j5jDWUnzA4qYqO8TZJdL+9yXP6W5I2h2Z
|
DHO5Hm2qhkQz9cGR2j2NV0+b4ITfeXkPUnP3WyNqqKfF/3irNV9bBU1kqzr/V2PD
|
||||||
N9F74gSjo1/5GwgWc1qA9KSnQj6cSxStS8irXda/iDH0CX4nZqYS8qIklSLGfuHz
|
PayYWZIaxkvYkRRaLLumklP47oXjaMMcHhrKZCtDukjgG4Yk6efn4mplYIU9Odx/
|
||||||
uWGJg1UD94+tppkkDi4bcrSGybQGaFgmuTO7JyYv1Ahs0NIXz/HEA8rABMmuGlVa
|
LAhDLTnaJgFUgvrfFfznwZUNvD/CIKw40Q74WjH5SknXaVnbLdOhXEmAcfSWeJuc
|
||||||
ucqOTsy3cYSwHiERjlc2SKamn6nagRCU2uma63Wau8O/PN8KBw7CgNBesSESx5Mg
|
D+HInpoi6dvLEWhw4badsyJg0NlBw3Goijt4hRa5x5WqeSAZp0C9BbUAL8kHRywA
|
||||||
C8ReaP8ZcD8PqCqvYsNF9E3juv9kICSYi1KgwcAHulXd216I3V+f9xczvZUF0h4P
|
FJSTNn2Yci9fG12Rmd2JhHeJmf7tF4HGFxwIMtu88vC2+Pt02wD1djlHrJ8cZhX4
|
||||||
xxcDiBlLOoAqcqoEu81iRw2QqDyPr17I+v89/260q7CNmbnLDcQBLWB4jcEYK1eP
|
/byBHYTJqhmFJywT2XjY3JGxILtgMXR/Fx0u/GgfbNKbF9qHIfRU5sGnpgVPMGNQ
|
||||||
gBcnGnkzKML1ZGXR1eBCSX4snPhRJxv6DLvKxqntw98oI3NGR8ug0vGzNsHgB0OH
|
ZLywudhCxQ4VViu1+DbTa70i1/XsWnJxEakU8WfykveoPC8YHCWj9ELci83iJEjL
|
||||||
SAkeJzl7LhJb+5NDzzKKWXdJfXT11kqSJaFP83qOGwZW4a4h9/DeXtoR+lLde3xK
|
ak5rz0DPrrERyZvZEnNSvxuXW4nPulDvv73Uxvqpy+x6OW/qL+yLWBBtPP6Zz7L1
|
||||||
KPDdHuXbScJZrsBJJ1LK14p0UcVfcWkpvseig0gTWfSRxJQ/unlT927KhWmx3oVn
|
sgEtbQNEyZkraikqzyUJ18fGi02Bm/ZKCiZs66BaBArD/qoQyB8L50pIby9bqr8E
|
||||||
YN8td0U76iFeeXogWeBy
|
KoiiZCs4pLjny/CjNj2Y
|
||||||
=RTFG
|
=54zI
|
||||||
-----END PGP SIGNATURE-----
|
-----END PGP SIGNATURE-----
|
||||||
|
|
Loading…
Reference in a new issue