-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Version: 3
Date: 2018-09-13

This is my (Aras Ergus') key signing policy for the PGP key with primary key fingerprint 721E 257F 77DF 2F12 1205 D1F2 EA5D 3393 3881 EB12 (see below for more details about the key).

SUMMARY

Here is a brief summary of this policy. See below for more details.

The different trust levels mean the following:

* 0 ("I will not answer."): I use this type only for UIDs which do not contain the real name of a person, e.g. for organizations. I make such signatures only on exceptional occasions and only with an expiration date which is at most ninety days in the future.
* 1 ("I have not checked at all."): I make no signatures of this type.
* 2 ("I have done casual checking."): I use this type only after checking a government-issued identity document.
* 3 ("I have done very careful checking."): I use this type only for people I know personally and only after checking a government-issued identity document.

While signing a key I sign each UID separately and send the signature of each UID to the associated email address in order to make sure that an owner of the private key has access to that email address.

DETAILED POLICY

Signing a UID means that I am convinced, to a certain extent, that the key in question belongs to (or, to be more accurate, can be used by) the entity whose name appears in the UID. Even though I don't sign any UIDs that contain comments which are obviously wrong or misleading, signing a UID *does not* mean that I have verified the accuracy of any attached comments.

I sign UIDs using my primary key (see above or below for the fingerprint), whose sole intended usage is certification. Depending on the extent of the verification, I make signatures of different trust levels.

DETAILED POLICY: TRUST LEVELS

0 ("I will not answer."): This type is used only for UIDs which cannot be verified in an obvious manner and in particular do not contain the real name of a person, for example for organizations.
Nevertheless it means that I have verified the claimed identity of the UID in a way which seemed reasonable to me. (For example, I would sign the release key of a software project I am personally involved in.) Signatures I make with this trust level have an expiration date which is at most ninety days in the future. The reason for this is that the names and members of organizations or similar entities change a lot more often than the name of a person does, i.e. it is likely that the identity of such an entity which was verified (in the above sense) at the time of signing will no longer be valid in the near future.

1 ("I have not checked at all."): I make no signatures of this type since I do not sign UIDs without identity verification.

2 ("I have done casual checking."): I use this type only after checking a government-issued identity document, where

* "government" means the government of a United Nations member state [1],
* "identity document" means an identity card, passport, residence permit or similar document which contains a photograph and the full name of the person in question.

(These definitions are suboptimal and just a temporary solution for drawing some boundaries. I am trying to find better and more precise criteria for recognizing identity documents.)

I am, however, not very pedantic about the exact name string on the identity document. I sign UIDs which very plausibly refer to the name on the document, even if the name differs from the name on the document in the following or similar ways:

* typos, i.e. differing from the name on the document by a few letters,
* using a different transcription of the name into the English alphabet (or into Latin characters) than the one on the document,
* missing some middle names or surnames which are on the document,
* using common short versions of some names on the document or common nicknames for some names on the document.
Further, the following are also requirements for this trust level:

* The person in question gave me the fingerprint of the key associated with the UID in question in person, in real life (e.g. by reading it aloud from the screen of a device which appears to be theirs or by presenting a piece of paper with the fingerprint on it).
* I have no reason to believe that the identity in question does not belong to the person in question.

3 ("I have done very careful checking."): I use this type only for people I know personally and only after checking a government-issued identity document, or more precisely, only when all the criteria of trust level 2 are also fulfilled. The concept of "knowing someone personally" is intentionally kept vague here in order to protect people's privacy, but it at least means the following:

* I have had multiple conversations with that person in real life before agreeing to sign the UID in question.
* I have communicated with the person in question using the key in question, and real-life communication made it plausible that they were able to sign and decrypt content using (a subkey of) the key in question.

DETAILED POLICY: DELIVERY OF SIGNATURES

While signing a key I sign each UID separately and send an encrypted copy of the signature for each UID to the associated email address in order to make sure that an owner of the private key has access to that email address.

KEY DETAILS

As of the last update of this document, the details of my PGP key are as follows (omitting expired subkeys):

rsa8192/0xEA5D33933881EB12 2015-12-06 [C] [expires: 2019-11-22]
      Key fingerprint = 721E 257F 77DF 2F12 1205 D1F2 EA5D 3393 3881 EB12
Aras Ergus
Aras Ergus
Aras Ergus
rsa4096/0x9AEA4479724BCBB2 2017-06-26 [S] [expires: 2018-11-22]
rsa4096/0xDDEB09CE545B7EE4 2017-06-26 [E] [expires: 2018-11-22]
rsa4096/0x8D89679E8588502F 2017-06-26 [A] [expires: 2018-11-22]

CHANGE LOG

3 (2018-07-??): Tweak the encrypted communication condition for sig3.
* For sig3, only require (encrypted) communication using the _key_ in question, not necessarily encrypted communication with every single UID. This is motivated by the fact that in real-life encrypted communication scenarios, I usually don't use all the email addresses of the correspondent. Moreover, access to the email addresses in the UIDs is in a sense already checked at the sig2 level by sending an encrypted signature to each UID separately.
* Fix a typo.
* Update public key information.

2 (2017-10-27): A few clarifications.

* Make the ways in which UIDs may differ from the name on the ID document more explicit.
* Fix a few typos.
* Update public key information.

1 (2016-05-27): Initial version.

[1]: https://www.un.org/en/member-states/index.html
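The rules of this policy (the sig2 name tolerances, the conditions for each trust level, the ninety-day expiry for sig0 and the per-UID delivery of signatures) modelled as a small decision helper. This is an added example and not the author's own tooling; the nickname table, the typo threshold, the fact names in the dictionary and the sample addresses are constructed assumptions.

```python
import re
import unicodedata
from datetime import date, timedelta

# Constructed nickname table: the policy only says "common nicknames".
NICKNAMES = {"bill": "william", "bob": "robert", "liz": "elizabeth", "alex": "alexander"}
UID_EMAIL = re.compile(r"<([^>]+)>")

def _parts(name):
    """Lowercase, drop diacritics (so 'ü' and 'ue' compare loosely) and split into name parts."""
    return re.findall(r"[a-z]+", unicodedata.normalize("NFKD", name).encode("ascii", "ignore").decode().lower())

def _edits(a, b):
    """Levenshtein distance, used to tolerate typos of a few letters."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def name_plausible(uid_name, document_name):
    """sig2 name rule: each UID name part must match some document part (typo, transcription variant
    or nickname tolerated); extra names on the document are fine. Threshold max(1, len//4) is constructed."""
    doc, uid = _parts(document_name), _parts(uid_name)
    return bool(uid) and all(
        any(_edits(v, d) <= max(1, len(d) // 4) for d in doc for v in {p, NICKNAMES.get(p, p)})
        for p in uid)

def allowed_cert_level(f):
    """Highest trust level the policy permits for one UID, or None (do not sign).
    `f` maps constructed fact names to booleans; level 1 is never issued."""
    if not f.get("uid_has_real_name"):           # organisations and similar: sig0 at most
        return 0 if f.get("identity_verified_reasonably") else None
    if not (f.get("id_document_checked") and f.get("fingerprint_given_in_person")
            and not f.get("reason_for_doubt")):  # sig2 prerequisites
        return None
    if f.get("known_personally") and f.get("met_repeatedly") and f.get("used_key_together"):
        return 3
    return 2

def signature_expiry(level, signed_on):
    """sig0 must expire within ninety days (ISO dates); other levels get no policy expiry."""
    return (date.fromisoformat(signed_on) + timedelta(days=90)).isoformat() if level == 0 else None

def delivery_plan(uids):
    """One (UID, address) pair per UID: each UID's encrypted signature goes only to its own address."""
    return [(u, m.group(1)) for u in uids for m in [UID_EMAIL.search(u)] if m]
```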