Update key signing policy with information about my master signing key and security

This commit is contained in:
Jesper Hess 2015-02-17 16:12:31 +01:00
parent 73db01d006
commit 5f0662590a
2 changed files with 33 additions and 13 deletions

View file

@ -39,3 +39,13 @@ I generally only sign keys with trust levels 0x12 and 0x13.
* I will sign your key if we cannot meet in person but someone I ultimately trust notifies me that you want a signature, and gives me your key id verbally or in person.
* I will sign your key without meeting in person if I know you very well personally (such as working with you, going to school with you, family etc.) and we can exchange key fingerprints in another fashion such as over the phone.
## My private master key
My private master signing key is only be used for the following purposes:
* Add or revoke UIDs
* Add or revoke subkeys
* Sign other people's keys
My private master key is generated and stored offline on a clean, air-gapped machine that is always booted fresh with the latest version of [Tails](https://tails.boum.org/). The private master key has never and will never be exposed internet and is protected by a long, secure passphrase.

View file

@ -42,19 +42,29 @@ I generally only sign keys with trust levels 0x12 and 0x13.
* I will sign your key if we cannot meet in person but someone I ultimately trust notifies me that you want a signature, and gives me your key id verbally or in person.
* I will sign your key without meeting in person if I know you very well personally (such as working with you, going to school with you, family etc.) and we can exchange key fingerprints in another fashion such as over the phone.
## My private master key
My private master signing key is only be used for the following purposes:
* Add or revoke UIDs
* Add or revoke subkeys
* Sign other people's keys
My private master key is generated and stored offline on a clean, air-gapped machine that is always booted fresh with the latest version of [Tails](https://tails.boum.org/). The private master key has never and will never be exposed internet and is protected by a long, secure passphrase.
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJU4ussAAoJEDUaieQNdj8PlCoP/jFLeGghDgPCoC1KGwT81+Jh
0K9wbqgXIyXwcIG1xDOf/QFnh+IptJNHBhj2gyNeyuvX3eLIQ7D/QcPs07CRmO8p
WcGczj2Ez/LmdslkC6RkwmDplRBF+r/j5jDWUnzA4qYqO8TZJdL+9yXP6W5I2h2Z
N9F74gSjo1/5GwgWc1qA9KSnQj6cSxStS8irXda/iDH0CX4nZqYS8qIklSLGfuHz
uWGJg1UD94+tppkkDi4bcrSGybQGaFgmuTO7JyYv1Ahs0NIXz/HEA8rABMmuGlVa
ucqOTsy3cYSwHiERjlc2SKamn6nagRCU2uma63Wau8O/PN8KBw7CgNBesSESx5Mg
C8ReaP8ZcD8PqCqvYsNF9E3juv9kICSYi1KgwcAHulXd216I3V+f9xczvZUF0h4P
xxcDiBlLOoAqcqoEu81iRw2QqDyPr17I+v89/260q7CNmbnLDcQBLWB4jcEYK1eP
gBcnGnkzKML1ZGXR1eBCSX4snPhRJxv6DLvKxqntw98oI3NGR8ug0vGzNsHgB0OH
SAkeJzl7LhJb+5NDzzKKWXdJfXT11kqSJaFP83qOGwZW4a4h9/DeXtoR+lLde3xK
KPDdHuXbScJZrsBJJ1LK14p0UcVfcWkpvseig0gTWfSRxJQ/unlT927KhWmx3oVn
YN8td0U76iFeeXogWeBy
=RTFG
iQIcBAEBCgAGBQJU41otAAoJEDUaieQNdj8PZo4QALlrIoTkmCAEk1VJn7t4k8Zu
9t4rpMCKQywCNwzr7gGnApDoH+XwWfO2xsPnKxmtqwY2RdSPseeDOrP4RCn0mYbF
DHO5Hm2qhkQz9cGR2j2NV0+b4ITfeXkPUnP3WyNqqKfF/3irNV9bBU1kqzr/V2PD
PayYWZIaxkvYkRRaLLumklP47oXjaMMcHhrKZCtDukjgG4Yk6efn4mplYIU9Odx/
LAhDLTnaJgFUgvrfFfznwZUNvD/CIKw40Q74WjH5SknXaVnbLdOhXEmAcfSWeJuc
D+HInpoi6dvLEWhw4badsyJg0NlBw3Goijt4hRa5x5WqeSAZp0C9BbUAL8kHRywA
FJSTNn2Yci9fG12Rmd2JhHeJmf7tF4HGFxwIMtu88vC2+Pt02wD1djlHrJ8cZhX4
/byBHYTJqhmFJywT2XjY3JGxILtgMXR/Fx0u/GgfbNKbF9qHIfRU5sGnpgVPMGNQ
ZLywudhCxQ4VViu1+DbTa70i1/XsWnJxEakU8WfykveoPC8YHCWj9ELci83iJEjL
ak5rz0DPrrERyZvZEnNSvxuXW4nPulDvv73Uxvqpy+x6OW/qL+yLWBBtPP6Zz7L1
sgEtbQNEyZkraikqzyUJ18fGi02Bm/ZKCiZs66BaBArD/qoQyB8L50pIby9bqr8E
KoiiZCs4pLjny/CjNj2Y
=54zI
-----END PGP SIGNATURE-----