I have recently created a new PGP key (5E8511F9). Here are the principles I will follow when signing other keys with this new key. They do not apply to signatures by my older keys.

  1. My signature indicates I have verified the identity of the owner of the key. It does not indicate anything else.
  2. I only sign keys of people I've met before, and can remember without being prompted.
  3. For people I have known for years and have met many times, I do not need government ID.
  4. For other people, I need a passport or a Finnish ID card, since these are the only forms of ID I have any hope of recognizing as valid.
  5. I do not participate in keysigning parties.

I am, however, happy to sign keys under these conditions.