I just created a PGP/GPG key signing policy.

After holding a small but fun Key Signing Party in Copenhagen yesterday, I decided that it would probably be a good idea to document my own policy when it comes to when and how I will sign other people’s keys.

My main motivations for doing this are that I want to expand the web of trust and I want to spread the use of GPG among my friends, relatives and social media contacts.

My requirements for signing your key aren’t that strict. Basically if I know you well, I will sign your key. If I don’t know you that well, you can send me color scan of your Danish passport or driver’s license and I’ll sign your key after verifying the information.

comments powered by Disqus