Pretty Good Privacy
I use PGP for email security. My key fingerprint is 0750 F6BF 8064 E22C 68D2 3D90 0C64 3A97 B51F FCFB. You can download my public key from this Web site or from a public key server.
The majority of the email I send and the Git commits I make are signed with this key, which can be used to verify that I was the author and the contents have not been modified. You can also use this key to send me encrypted email.
If you want to send me encrypted email without setting up your own PGP key, you can use encrypt.to.
Certification policy
When I sign other PGP users' keys, I set the certification level on the signature according to the following definitions.
- Extensive verification (3)
- This level is reserved for people I know personally or professionally. If I use this certification level, I am already confident of the person's identity before I sign their key.
- Casual verification (2)
- This level is used for people who I do not know well, but who have shown me some kind of photo ID like a passport or driving license. Typically, this is the certification level I would use for people I meet at key signing parties.
- No verification (1)
- I use this level for keys which I can confirm are owned by the person who claims to own them, but where the key's user information doesn't contain a real name that can be verified by checking ID.
- Unspecified verification (0)
- I used to use this level for all signatures, before I knew about PGP's system of certification levels. I no longer use it for new signatures.