Public Key Notary

1 Comment

I am authorized to assure participants in the CAcert.org system. I also vet and sign OpenPGP (PGP, GnuPG) keys. If you’re seeking an assurance or signature, read on.

Please e-mail me to establish contact. I live and work just north of Indianapolis; if you can’t make an appointment to be here in person, please seek a different assurer.

It’s unlikely that I can make appointments without at least overnight notice.

The number of points awarded will be based on my confidence level in the credentials. I will not award the maximum for only a single ID, so please try to have more.

CAcert.org

  • Print out a copy of your WoT Form. After logging in on the site, find US – WoT Form under CAP/TTP Forms to retrieve the pre-filled form. The onus is on you to provide the form.
  • Bring at least one (preferably two or more) government-issued photo ID.
  • If you only have one government-issued photo ID, you may bring other IDs whose quality it is at my discretion to judge.

OpenPGP (PGP, GnuPG)

Concerning OpenPGP signatures, my procedures for signing and my signing policy, which describes the semantics of what I’m attesting with a signature, are posted.

  • When requesting a signature, please sign the message with the key you would like for me to sign. This will help me determine that you can receive and decrypt mail sent to the address on your key.
    • If your key is not available on a public keyserver, please attach it.
    • You may (read: should) encrypt your request to my PGP key, available on the key data page, in order to verify that I indeed own the address, and to protect the confidentiality of the request.
  • Bring a hard copy of your key fingerprint. This is essential; I cannot verify your key unless you provide your key fingerprint in person.
  • Bring at least one (preferably two or more) government-issued photo ID (For OpenPGP, this isn’t a hard requirement, but please do so whenever possible).
  • If necessary, bring whatever additional IDs may be useful to make a case for your identity.
  • Unless you find reason to request otherwise, I ask for your signature on my key as well. Give me sufficient notice that I can provide my own credentials and fingerprint.
1 comment

  1. Thank you for sharing your signing policy, that may serve as a X.509/PGP bridge guide.

    Regarding the signing of PGP-Keys with S/MIME-Certs: would it make sense to attach the S/MIME Signature of a PGP-Key as a “notation” on the self-sig of some(or all) UIDs of that Key?

    My Apologies for any Disturbance,
    Kostis

    Reply ↓

Leave a Reply

Your email address will not be published. Required fields are marked *