wowana.me

website source

commit 3abf50ca846916d0e6df728e24f418f57ea2b308
parent ebeea1f07d1d614b656a5e8a976a2879dbea2499
Author: opal hart <opal@wowana.me>
Date:   Sat, 16 Jan 2021 16:45:37 +0000

pgp: add signing policies

Diffstat:
M
src/pgp.md
 | 
33
+++++++++++++++++++++++++++++++++

1 file changed, 33 insertions(+), 0 deletions(-)
diff --git a/src/pgp.md b/src/pgp.md
@@ -16,3 +16,36 @@ can verify this by using <kbd>gpg --refresh-keys</kbd>, <kbd>gpg
 https://wowana.me/pgp/0x41CE277C721A889E.asc</kbd>.
 
 I'm [keybase/opal](altnet://keybase.io/opal) as well.
+
+## subkeys
+
+* `C ed25519/0xFB02FDAFD6C05FE4`, offline master key
+* `E cv25519/0x4C0D6F0D872C89C2`, [Mareep](/pages/devices.xht#mareep)
+* `S ed25519/0xD64AC4EF1563A64E`, [Mareep](/pages/devices.xht#mareep)
+* `S ed25519/0xCCA79DEDC63CA163`, [kanpachi](/pages/devices.xht#kanpachi.wowana.me)
+* <del>`S ed25519/0x36F6D82A4CD82407`, revoked, unknown use</del>
+* `A ed25519/0xDB9E5D2DF2699CDE`, [mahin](/pages/devices.xht#mahin.wowana.me)
+* `A rsa4096/0xF283980C907A0ACB`, [mahin](/pages/devices.xht#mahin.wowana.me), to authenticate with
+  dropbear on [raimu](/pages/devices.xht#raimu.wowana.me) and [minits](/pages/devices.xht#minits.wowana.me)
+* <del>`A ed25519/0x3BB3A966C0AA790C`, revoked, unknown use</del>
+* <del>`A ed25519/0x1D5BC97BF7D713C1`, revoked, [kanpachi](/pages/devices.xht#kanpachi.wowana.me)</del>
+
+## keysigning policies
+
+### signature levels
+
+<ol>
+<li value="0">this key is in my ring; I trust it casually but make no
+formal assumption as to the key's legitimacy.</li>
+<li>I have reasonable belief that this identity is the keyholder's, for
+example by verifying on their official website or via a service such as
+Keybase.</li>
+<li>as level 1, in addition to verifying the keyholder's E-mail
+address.</li>
+<li>as level 2, in addition to verifying the keyholder's identity in
+person.</li>
+</ol>
+
+### signing procedure
+
+dude trust me lmao