-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

PGP Keysigning Policy of Douglas E. Warner
$Date: 2006/08/17 12:41:32 $

I need to see some form of photo ID where the name on the id matches the name on
the key and the photo matches the person that has asked me to sign/certify the
key.  If the ID is of questionable authenticity or I am unable to recognize it
as valid I will not sign the key.

The key information (key id, fingerprint, and size) must match the information
that is provided to me by the key owner.

I will send a random challenge to each user id on the key.  If the key has
encryption capabilities, the challenge will be encrypted.  I won't sign any of
the user id's on the key until I receive a signed reply from each of the user
id's.  If there are user id's on the key that have no valid email address
associated with them, I won't sign the key unless the key owner can provide a
good reason why those user id's are on the key.  I won't sign a user id without
a valid email address -- except perhaps a photo user id.

If the above criteria are met, I will issue a level 2 certification.  For
someone I have known personally for many years I will issue a level 3
certification.

Please note that by signing/certifying a key I am merely stating that the above
conditions have been met.  It is a statement about the key's validity, not about
trust in the key owner.

If you have any questions about this policy or suggestions for how it could be
improved, please email me.  My address is on my key.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFE5GSUJV36su0A0xIRAm/0AJ45eH/Nq77DDFuoEsMPc7HPj6bVSwCggJqO
EUGWXLO37+g885x45Bzc2iw=
=5ngW
-----END PGP SIGNATURE-----