OpenPGP Signature policy

All signings will be made from the key 0xADB140A7. It is also available on public keyservers. My previous key (1024 bit / 0xCB74F360) was revoked on 2014-02-23 as it is replaced by the 0xADB140A7 key.

Prerequisites for signing:

  • At least one government-issued photo ID must be presented
  • Written copy of your key fingerprint exported with
    • gpg --fingerprint your_keyid
  • Meeting in person

Signature Levels

  • 0x10: not used
  • 0x11: not used
  • 0x12: Level used for people I met and checked their ID
  • 0x13: Level used for people I personally know and that I'm sure of their identity (and or checked ID)

Signing process:

  • Meeting in person to:
    • check your identity,
    • exchange details on ID to be signed;
  • For each ID, I'll send you an encrypted e-mail. I won't upload the signature to the key server, I'll let you do it.
    •  gpg --ask-cert-level \
          --cert-policy-url http://chris.berger.cx/Main/OpenPGP \
          --sign-key your_keyid 
    • gpg --export -a your_keyid
  • To import/publish your signature:
    • gpg --import the_signature.asc
    • gpg --keyserver pool.sks-keyservers.net --send-key your_keyid

OpenPGP personal notes