/
id.txt
83 lines (53 loc) · 2.96 KB
/
id.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Last Update: 2024-03-05
This is a signed summary of relevant cryptographic information. This document
may be used in conjuction with a verified copy of my public key to establish
trusted communications through other channels.
# PGP Fingerprint
5249 2412 A119 0FC0 87EA 0F1D 70B2 20FF 8D2A CF29
# Signal
pigmonkey.82
# Session ID
059fa7134a8c8674d4c14311c5392f3343d401466284a844266737835e7771600c
# SSH Public Key
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDotO5erTRlNWn5fcHjskFdwxDDEaJ3Q/vXfWMK6kpefLA6K3G1r/TH57lDsXpNIuUwt/61JCu7ShWLqrmBeVkhnPj8eBjRLg6UtFumXXDRCCHHLjd8nyZqyVHHNd0ygSwC26F+o5s87W2tkZLZjqvym69xLHlIpE2vxndE/Bk/idBm9ZyWBVANJvEs7CTOpxb+G8C08o6IfcpIP+Qf7P/4ydgNWDWAKWJHbJ+rfzkdsRenfcuN3WVa47jzItM3K0ZL6C7FB6F1FS3uTG9ahGBOltzfx6WKlnuOKwzLmNl7SE6I2otMGQv7O7dw4/qWIE8BWHcb6QBtNvwGY29mJ0nX
# PGP Key Signing
I will sign other keys according to the following policy.
## Casual (Level 2)
I have performed a casual check of the person and key, generally meaning that:
* I personally know the subject of the key by the UID, and have for some time;
* I can readily and reliably recognize them; and
* I verified their key fingerprint through an out-of-band channel, which might
include voice or video chat.
## Extensive (Level 3)
I have performed an extensive check of the person and key, generally meaning that:
* I physically met the person, not by voice or video chat;
* they presented me with difficult to forge evidence of their identity;
* I verified their key fingerprint at that time; and
* I verified that the email address of the UID belongs to the person.
## Notes:
* I do not have a specific metric for how long I have to know someone before
being willing to certify their key based solely on our relationship. I use my
judgement and discretion.
* I do not require that the UIDs I certify are someone's birth name, or the
name on their government documents. I will certify a persistent pseudonym if
that is the name someone goes by.
* "[D]ifficult to forge evidence of... identity" often means government issued
photo identification which I find convincing. It may also mean a personal
attestation from someone who I know well and consider trustworthy.
# PGP Key Management
My private key was generated offline on an air-gapped computer. All key signing
occurs on an offline, air-gapped computer. The key and computer are stored
securely in a tamper-evident manner. Signing and encryption subkeys for regular
use are stored on a YubiKey NEO.
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCgAdFiEEGLwQ6rSLzd+OimjcVOmYrGGLwTcFAmXnn4kACgkQVOmYrGGL
wTcpDwf/YZWd71ig/5wrLB9CM48t2JK0ut9USRLiqBHRW+M+atg5So0tc4MkEoX/
ihdv/bLZkZwYrvJLBf1H5FCddatp0IuYSpeZGQSjecZsuGf0721fYq4Q664myASp
c39vVGFf7Q4sKhU/pM9U4qNmQa8txh0Ln0c7SRRqOCt9PogTsFi18nTkU4NWUbwM
EOBd52OstDyaLgt/q8eY8eh78A5hxpYhgGDweQYvrj4fY3+YkQXGgnmBaC4TP16o
rsPls3ZVQzlSVPj0zpjp/TGmwiuSZmY8rhVV5RcoxQVE/a/7V+EVMmfhNsYR7wyB
M+dFhZ9dIOJrddpiZote88Qi+zdAZg==
=0RyB
-----END PGP SIGNATURE-----