Signing people with only one form of ID?

David Shaw dshaw at
Thu Feb 28 03:51:28 CET 2008

On Thu, Feb 28, 2008 at 01:38:11AM +0100, Richard Hartmann wrote:
> Hi all,
> after creating a new key and getting back into 'serious' gpg usage,
> I attended a key signing party where the overwhelming portion of
> people had only one form of ID with them.
> It seems that most people assign the highest trust level to others
> who have presented only one form of ID. Personally, I tend towards
> only granting that to people who showed me two seperate pieces
> of ID.

Perhaps more important than the number of IDs, is the quality of IDs.
A cheap generic photo ID from the local gym is practically worthless.
A passport or drivers license is usually good.

I wouldn't go crazy here: keep in mind that the web of trust is
designed for people who don't have the ability to prove that a
passport or license is real.  This is one of the reasons that more
than one signature is needed to make a key fully valid.  All that the
web of trust asks is that you do your best.


More information about the Gnupg-users mailing list