This article was forwarded to you by whitaker@demon.co.uk (Russell Earl Whitaker): --------------------------------- cut here ----------------------------- Newsgroups: demon.security From: twillis@pintu.demon.co.uk (Tom Willis) Path: eternity.demon.co.uk!demon!pintu.demon.co.uk!twillis Subject: Attempt at a signing policy Distribution: world Organization: DGA Ltd X-Mailer: Simple NEWS 1.90 (ka9q DIS 1.19) Lines: 122 Date: Tue, 15 Dec 1992 23:46:16 +0000 Message-ID: <724463176snz@pintu.demon.co.uk> Sender: usenet@demon.co.uk I would welcome any comments on the following, as a signing policy. What do you think? -----BEGIN PGP SIGNED MESSAGE----- This is my policy for signing keys ================================== (dated 12th December, 1992 1992-12-12) - --Type bits/keyID Date User ID - --pub 1024/6AD0D1 1992/10/24 Tom Willis <twillis@pintu.demon.co.uk> - -- Key fingerprint = 04 D7 B9 24 50 BE B2 30 BD 23 1A 98 B5 01 F1 46 - -- Tom Willis <GBR55N55@IBMMAIL> - -- Tom Willis - -- </G=WilliTL/S=Willis/PRMD=IBMMAIL/ADMD=IBMX400/C=GB/> - -- Tom Willis <100042.446@Compuserve.com> - -- Tom Willis - -- </CN=Tom Willis/OU=HQ/O=DGA+C=GB/@DGA@Notes> Introduction - ------------ It is my intention that you should be able to trust my signature on any key that you see. However, what you mean by trust and what I mean by it may differ. In overview, I will only sign keys that I have received directly from an individual that claims to own the key, and that I am confident does so. My confidence is based upon the policy I maintain for signing keys. Policy - ------ 1. I will only sign a key that I have received physically during a face-to-face meeting with the person claiming to own the key. 2. I will only sign a key once the claimed key-owner has proved to me that they possess the secret key corresponding to the public key that they have given me. 3. I will only sign a key/ID pair that I believe identifies the person claiming to own the key. 4. I do not claim to have verified that the name the person is using is actually their own legal name; I accept reasonable aliases/handles but require that I am confident that the person regularly uses the name given in public. 5. I do not claim to know that the key owner is trustworthy in signing keys, and is not an agent provocateur. The obvious ones: 6. I will not allow my secret key and password to fall into anyone else's hands. 7. If I find that my secret key has been compromised, I shall do my best to distribute a compromise certificate to anyone who has received a key with my signature. Notes on Policy - --------------- 1. I will accept keys presented on paper or electronically (e.g. on diskette), but the key must have been handed over during a personal meeting with the (claimed) key-owner. 2. To satisfy me that the claimed owner actually *does* possess the secret key, they must return to me a sequence of bytes (chosen by me) signed with their secret key and encrypted with my public key. For example, if I meet someone I do not know well, and we exchange keys, I will not sign their key until I have sent them a sequence of text bytes (e.g. an item in radix-64 form signed by my key), and they have returned the same item to me in a message that is signed and encrypted, and I have checked that my original `challenge' and the returned response are *identical*, and that the message signature agrees with their public key that I posssess. (Otherwise, the physical exchange could well prove nothing about the person involved except they possess the public key of the person they are claiming to be.) 3. My signature says that the key and the associated ID that I sign belong together, so far as I can tell. In order not to mislead you, I won't sign key/ID pairs that look wrong to me. For example, I wouldn't sign even my own father's key, if the ID said something like `President of the United States of America'; because he ain't (and I *know* that!). If my father's key also had a (secondary) ID on it that gave his name as I know it, I *would* sign that association, even if another ID is clearly garbage. 4. I would cheerfully sign a key/ID pair, even if I *knew* that the ID was not the real ID of the owner, if it is a reasonable ID. For example, if my Mother had a stage name, I would certainly sign her key with that ID; I would also sign her key with her maiden name. I wouldn't sign her key/ID where the ID wasn't one I had ever heard her use, though. Not even my Mother, much as I trust her otherwise! 5. My best friend, known since childhood, may be a gonzo when dealing with security; I have no objection to signing his key, but you should not assume that says anything about whether or not I would trust *his* signature myself! (It's OK, mate, just joking, I trust you *really*...) -----BEGIN PGP SIGNATURE----- Version: 2.1 iQCVAgUBKyqRM6soIBpyatDRAQH96AP/RMa0+MENYZ2EZTHZFiS04mgA40A0ncL5 rpuRePDrhBjAqxN/K5xX9rWWKgxiQgo3OvsY93tjFUZ1mn4ESUEscf57rnXE26cL B/jEz+Kn4P4en8107ydl5VvZkkqMj3f3Vyfkuu5YN6KX2NIbpVzQgKSrV4Ah8vob F0GKx8DdsOs= =O2fB -----END PGP SIGNATURE----- -- Tom \/\/illis | 1. twillis@pintu.demon.co.uk | Have PGP 2.0 key DGA Ltd | 2. GBR55N55@IBMMAIL | ... will swap LONDON UK | 3. 100042.446@Compuserve.com | --------------------------------- cut here -----------------------------