-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 My old PGP Key Signing Policy for 0x509245C4887BAE72: ========================================================== pub 4096R/887BAE72 2005-10-25 Key fingerprint = 039E 9433 115F BC5F F88D 4524 5092 45C4 887B AE72 uid Nicolas Rachinsky uid Nicolas Rachinsky (work) uid Nicolas Rachinsky sub 1024D/3B65E76F 2005-10-25 [expires: 2006-10-25] sub 2048g/46D2F6CE 2005-10-25 [expires: 2006-10-25] sub 2048g/2309EF1F 2006-07-27 [expires: 2007-07-27] sub 1024D/F55C2A53 2006-07-27 [expires: 2007-07-27] The addresses are mangled to confuse spammers. If you find a PGP Key signed by this key, which refers to this policy, you can trust it as far as you trust me in these things: + I met the person who claims to be the owner of the key and did some extensive verification of the key: + I verified the key fingerprint with the owner of the key in person. + I checked, by means of a hard to forge document with a photo ID (such as a passport), that the name of the key owner matches the name in the user ID on the key. If I know her/him well and I've already seen such a document, I will sign without looking at such a document again. + If I don't know the key owner personally, I will only issue an level 2 signature. + I did an EMail Challenge / Response for UIDs containing an EMail address (except I've seen an equivalent use of the key and the address before). + I do NOT check the content of the comments. + These checks apply to all user IDs I sign. + In some special cases I will issue level 1 signatures without doing these checks but other hopefully equivalently good ones. Until now (2006-03-11) the only key which got such a signature was the certificate key of the ct magazine (0xB3B2A12C); I compared its fingerprint with several printed issues of the ct magazine. ========================================================= I WILL revoke a signature if I have strong reason to believe that the key has been compromised or if I mustn't have signed it according to this policy (I hope this won't happen). I WON'T revoke a signature if the mail address no longer belongs to the owner. ========================================================= This key does not expire, but will be revoked at any sign of compromise either by me or other trustworthy persons. Precautions have been taken. ========================================================= I believe in the idea of a "web of trust" and try to be a trustworthy part of it. But *you* must know how much you want to rely on my judgement. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (FreeBSD) iQFXBAEBAgBBBQJSIxMNOhhodHRwOi8vd3d3LnJhY2hpbnNreS5kZS9uaWNvbGFz L2dwZy9uaWNvbGFzX3JhY2hpbnNreS5hc2MACgkQd0qZ4ekfTQ71tggAn9/NG7FF Tlnz2ZTtrqNqhQ/HIg3S/UMdgTQnXO8AjApVL2I6TU8mm1dbtKaY0QHm5bQ2mM8k wVWY1TEaoLNuEkG7RpcCR4ywhm4AzxqMXYN/lshG2L0W6tc1wa1l+7zjX5lJxHxZ FKU+iLA++hsr/gSlLAJQQ1Z6jjsdi/GCfpVmCEy2RzQEDZnW0qjCTFzh72qQEbux 6qyZBTnwLbuzOkCl99Ul9qlNnyfc0jMKr3BpMoRQ5vFL1ipSjX6eB5PYNmDSfi0M 0Et7L8aMdzg4YFVaEgL9TL8LrDppQKaGbso30ba9qI6j0mIyhQbS8xaSWBvYuGQH Oro4yEWdqF4RRA== =jOcE -----END PGP SIGNATURE-----