-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Last Update: 2016-09-25 This is a signed summary of relevant cryptographic information. This document may be used in conjuction with a verified copy of my public key to establish trusted communications through other channels. # PGP Fingerprint 5249 2412 A119 0FC0 87EA 0F1D 70B2 20FF 8D2A CF29 # Signal Fingerprint 05 34 52 29 5d 9a 45 2c d8 fb 77 58 5f 85 33 fa 62 8e 11 ae 36 e6 41 f4 ae 9a 63 bb 50 00 2d 91 12 # OTR Fingerprints xmpp: peter@havenaut.net/nous 05D7ECB2 B4B4EB39 D0F13CD6 BBF391BF C9ADE759 xmpp: peter@librum.org/nous 4ACBFF97 A1752486 CC92AB59 E35B0CAC 00D62218 # SSH Public Key ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDotO5erTRlNWn5fcHjskFdwxDDEaJ3Q/vXfWMK6kpefLA6K3G1r/TH57lDsXpNIuUwt/61JCu7ShWLqrmBeVkhnPj8eBjRLg6UtFumXXDRCCHHLjd8nyZqyVHHNd0ygSwC26F+o5s87W2tkZLZjqvym69xLHlIpE2vxndE/Bk/idBm9ZyWBVANJvEs7CTOpxb+G8C08o6IfcpIP+Qf7P/4ydgNWDWAKWJHbJ+rfzkdsRenfcuN3WVa47jzItM3K0ZL6C7FB6F1FS3uTG9ahGBOltzfx6WKlnuOKwzLmNl7SE6I2otMGQv7O7dw4/qWIE8BWHcb6QBtNvwGY29mJ0nX # PGP Key Signing I will sign other keys according to the following policy. ## Casual (Level 2) I have performed a casual check of the person and key, generally meaning that: * I personally know the subject of the key by the UID, and have for some time; * I can readily and reliably recognize them; and * I verified their key fingerprint through an out-of-band channel, which might include voice or video chat. ## Extensive (Level 3) I have performed an extensive check of the person and key, generally meaning that: * I physically met the person, not by voice or video chat; * they presented me with difficult to forge evidence of their identity; * I verified their key fingerprint at that time; and * I verified that the email address of the UID belongs to the person. ## Notes: * I do not have a specific metric for how long I have to know someone before being willing to certify their key based solely on our relationship. I use my judgement and discretion. * I do not require that the UIDs I certify are someone's birth name, or the name on their government documents. I will certify a persistent pseudonym if that is the name someone goes by. * "[D]ifficult to forge evidence of... identity" often means government issued photo identification which I find convincing. It may also mean a personal attestation from someone who I know well and consider trustworthy. # PGP Key Management My private key was generated offline on an air-gapped computer. All key signing occurs on an offline, air-gapped computer. The key and computer are stored securely in a tamper-evident manner. Signing and encryption subkeys for regular use are stored on a YubiKey NEO. # Bitcoin 1Q17L71zyeWAZDUyiGaqygBnyqNk2uDRiZ -----BEGIN PGP SIGNATURE----- iQEcBAEBCgAGBQJX6EwJAAoJEFTpmKxhi8E3ZAQH/1UvnRuNdf3xpxM6AgsWab00 1XBMxoPnTPXZiUKhBPmwYpg6EEaxHXy5Z9OuUeRRdd/FNN8beK/io/S6QGb9+P9+ n2Jv2j5tn44tMrwNz08Rvalby/8v5pHv5VQGdx+34gEuMp2c52sO9PRqIlBWcnsP lMQNLG0rHFckrSyyARp2aMQAjjG6NUi2jZHTS4GtxYVOfATgG+Y25xYBGrjnvsW+ wCdGRShW2wYv7mVi93MZVPrWvEN6uDk6KxEjWYJ31zILLnYYkXndS5qqSN5SyCXM +CxSYLzwC5kM6M97xN2N+PYFnhZLe9aT59QAcMDQ4le14Gipa8Ydun0NIsXcXy8= =Zbb7 -----END PGP SIGNATURE-----