Key signing policy

Neil Williams linux at
Mon Sep 5 14:34:54 CEST 2005

On Monday 05 September 2005 4:09 am, Cameron Metzke wrote:
> Does anyone have solid written key signing policy?

I don't think there is one policy to fit all needs. There are FAQ's and 
HOWTO's on keysigning events/parties and lots of groups have their own 
policies for their own needs. There are also tools like CA Bot (by Peter 
Palfrader) and others that help in keysigning - particularly when keys and 
identities are verified at distant events and the participants won't 
necessarily meet again for a considerable time.

There's a very simple HOWTO for those who don't know the details of *how* to 
sign a key:

A more general FAQ based on the GNU Privacy Handbook:
and containing it's own keysigning guide:

And the general keysigning HOWTO:

All are written from a standpoint of a loose association of GnuPG users who 
correspond regularly by email and meet occasionally or just once. Each 
document tends to consider participants as individuals with their own 
individual key(s) and with no "group key" or "group hierarchy".

i.e. they are policies for friends/contacts, not necessarily policies for 

These may need to be adapted for your purposes. The main DCGLUG guide at
is licenced under the GNU Free Documentation Licence.


Neil Williams

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : /pipermail/attachments/20050905/42b6bdca/attachment.pgp

More information about the Gnupg-users mailing list