This policy is valid for all signatures made by the OpenPGP key:
pub 1024D/E8C80C34 2002-10-19 Jorgen Cederlof <jc@lysator.liu.se>
Key fingerprint = 6577 1946 07B5 A68D A3EE E973 013C 5083 E8C8 0C34
sub 1024g/0069E587 2002-10-19
Although this policy was formally written 2003-03-25, it was followed from the creation of this key.
It may be replaced at any time with a new version. If a new version incorporates changes that might affect the strength or perceived strength of the resulting signature, the old version will be linked from the new one.
This is version 2, written 2003-05-10, which adds cert check level 1 to the initial (2003-03-25) revision.
The signee (i.e. the key holder who wishes to obtain a signature from me, the signer) must make his/her OpenPGP public key available on a publicly accessible keyserver, such as the .pgp.net servers. Furthermore, for totally unknown persons, there must already be a signature path from me to this key. People wishing to enter the strongly connected set should do so through better authentication, if possible through someone they know personally.
The signee must prove his/her identity to me by way of a national ID card, a driver's licence, or a similar token. The token must feature a photographic picture of the signee.
For people from outside the European Union, only a combination of at least two of the above tokens will be accepted (since I can't assess their risk of fraud). Exceptions will be made when the signee can come up with other means of proof of identity. But at least one of the above tokens will stay the minimum requirement.
The signee should have prepared a strip of paper with a printout of the output of
gpg --list-keys --with-fingerprint 0x6789ABCD
(or an equivalent command if you're not using GnuPG), where 0x6789ABCD is the key ID of the key that is to be signed.
A hand-written sheet featuring all user IDs the signee wants me to sign, together with the fingerprint, will also be accepted.
The above must take place under reasonable circumstances.
The signee should be willing to cross-sign with me.
After having received (or exchanged) the proof detailed above, I will sign the sheet of paper myself to avoid fraud.
At home, I will send one email to each of the mail addresses featured in the user IDs that I was asked to sign. Each email contains a random string and is signed by me and encrypted to the public key whose fingerprint is printed on the paper.
Upon reception of encrypted and signed replies, I will check the returned random string for equality with what I sent.
User IDs that pass the above test are signed. If one of the user IDs fails the test, a warning is sent to one of the other user IDs' addresses and the procedure is halted until a satisfactory explanation has been received or the procedure has been cancelled by the signee.
The signed keyblock is uploaded to a randomly chosen set of keyservers. The signee may suggest a keyserver, or choose to receive the keyblock by mail instead.
If I know the signee personally, I do not require an ID card or the formal procedure above. A meeting where we exchange fingerprints is enough. Naturally, it would be extremely hard to trick me into signing a false key this way. Therefore, these signatures are given a level of 3, while others are given a level of 2.
If I have had contact with someone through signed or encrypted e-mail over a period long enough to rule out at least a temporary man-in-the-middle attack, and I have verified the key against a copy downloaded from his/her personal web page or against signed emails/fingerprints on public mailing lists, but I have not met the person or verified the key in any other way, I may sign the key with cert check level 1.
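As an added example, not part of this policy and not its author's code: the bookkeeping for the per-user-ID challenge described in the steps above, in Python. Class and method names are assumptions, the fingerprint and user IDs in the test are constructed, and the signing, encryption and decryption of the mails is left to gpg outside this code.

```python
# Assumed names (Challenge, UidVerification); not the policy author's code.
import hmac
import secrets
from dataclasses import dataclass
from email.utils import parseaddr


@dataclass
class Challenge:
    uid: str          # user ID string as it appears on the key
    email: str        # address extracted from the user ID
    token: str        # random string mailed (signed + encrypted) to that address
    passed: bool = False


class UidVerification:
    """One random challenge per user ID; any failed reply halts the whole procedure."""

    def __init__(self, fingerprint: str, uids: list[str]) -> None:
        self.fingerprint = fingerprint     # key the challenges are encrypted to
        self.halted = False
        self.challenges: dict[str, Challenge] = {}
        for uid in uids:
            _, addr = parseaddr(uid)
            if addr:
                self.challenges[addr] = Challenge(uid, addr, secrets.token_urlsafe(24))

    def check_reply(self, addr: str, returned: str) -> bool:
        """Compare a decrypted, signature-verified reply with the token sent to addr."""
        if self.halted or addr not in self.challenges:
            return False
        ch = self.challenges[addr]
        if hmac.compare_digest(ch.token.encode(), returned.strip().encode()):
            ch.passed = True
            return True
        self.halted = True                 # stop until the signee explains
        return False

    def warning_recipients(self, failed_addr: str) -> list[str]:
        # The warning about a failed user ID goes to one of the *other* addresses.
        return [a for a in self.challenges if a != failed_addr]

    def uids_to_sign(self) -> list[str]:
        if self.halted:
            return []
        return [c.uid for c in self.challenges.values() if c.passed]
```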
This latest version of this file is always available at http://www.lysator.liu.se/~jc/signing-policy.html. A detached signature can be found here.
Much of the inspiration, text and design of this page comes (with permission) from the OpenPGP Key Signing Policy of Marc Mutz.
Jörgen Cederlöf <jc@lysator.liu.se>, 2003-05-10