On Monday 05 September 2005 4:09 am, Cameron Metzke wrote: > Does anyone have solid written key signing policy?
I don't think there is one policy to fit all needs. There are FAQ's and HOWTO's on keysigning events/parties and lots of groups have their own policies for their own needs. There are also tools like CA Bot (by Peter Palfrader) and others that help in keysigning - particularly when keys and identities are verified at distant events and the participants won't necessarily meet again for a considerable time. http://www.palfrader.org/#cabot http://cabot.alioth.debian.org/ There's a very simple HOWTO for those who don't know the details of *how* to sign a key: http://gnupg.neil.williamsleesmill.me.uk/book1.html A more general FAQ based on the GNU Privacy Handbook: http://www.dcglug.org.uk/linux_adm/gnupg.html and containing it's own keysigning guide: http://www.dcglug.org.uk/linux_doc/gnupgsign.html And the general keysigning HOWTO: http://www.cryptnet.net/fdp/crypto/gpg-party.html All are written from a standpoint of a loose association of GnuPG users who correspond regularly by email and meet occasionally or just once. Each document tends to consider participants as individuals with their own individual key(s) and with no "group key" or "group hierarchy". i.e. they are policies for friends/contacts, not necessarily policies for employer/employees. These may need to be adapted for your purposes. The main DCGLUG guide at http://www.dcglug.org.uk/linux_doc/startgnupg.html is licenced under the GNU Free Documentation Licence. -- Neil Williams ============= http://www.data-freedom.org/ http://www.nosoftwarepatents.com/ http://www.linux.codehelp.co.uk/
pgpi6ywY8eEIf.pgp
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
