Certification policy
====================

Version 2

I never sign someone's key without having met him or her in person. Usually, this involves:

1) Meeting in real life, exchanging key fingerprints
2) Exchanging government-issued IDs, and checking the person's name against the names on the key

However, in case I already know the person with whom I'm exchanging keys, step 2 may be skipped.

Next, I sign the key. To ensure that email addresses are valid, the following procedure is used for each email address:

1) I import a clean version of the key
2) I check whether the key fingerprint matches the one I was given before.
3) I sign the uid related to the email address I'm checking
4) I export the key, encrypt it, and mail that to the email address I'm checking.
5) I remove the key from my keyring again, so that the signature isn't there anymore. In case there are more keys, go back to step one.

In following this procedure, uids with email addresses that were not on the paper containing the key fingerprint are skipped.

I think this is careful checking, so I never tell gpg I didn't do careful checking.

I sign photo UIDs only when I know the person in the picture well enough to be sure it is, indeed, that person. This is also the case for Rene Engelhard (even though I didn't sign his key with the policy URL set to this document, but to the previous version which does not include this info).
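
The fingerprint check in step 2 and the rule for skipping uids that were not on the paper, as an added example (not part of the original policy or the author's own tooling): it reads `gpg --with-colons --fingerprint` output and returns the uids to sign one at a time. The key listing, fingerprint and addresses are constructed, the function names are hypothetical, and skipping revoked or expired uids is an assumption the policy does not state.

```python
import re

# Constructed sample of `gpg --with-colons --fingerprint` output (not a real key).
SAMPLE_LISTING = """\
pub:-:4096:1:89ABCDEF01234567:1500000000:::-:::scESC::::::23::0:
fpr:::::::::0123456789ABCDEF0123456789ABCDEF01234567:
uid:-::::1500000000::1111111111111111111111111111111111111111::Alice Example <alice@example.org>::::::::::0:
uid:-::::1500000000::2222222222222222222222222222222222222222::Alice Example <alice@work.example>::::::::::0:
uid:r::::1500000000::3333333333333333333333333333333333333333::Alice Example <old@example.org>::::::::::0:
uat:-::::1500000000::4444444444444444444444444444444444444444::1 3000::::::::::0:
sub:-:4096:1:76543210FEDCBA98:1500000000::::::e::::::23:
fpr:::::::::FEDCBA9876543210FEDCBA9876543210FEDCBA98:
"""

def normalize_fpr(text):
    """Drop spaces and colons and uppercase, so paper and gpg forms compare equal."""
    return re.sub(r"[\s:]", "", text).upper()

def unescape(field):
    """gpg writes ':' and control bytes inside colon listings as \\xNN."""
    return re.sub(r"\\x([0-9A-Fa-f]{2})", lambda m: chr(int(m.group(1), 16)), field)

def plan_signatures(colon_listing, paper_fpr, paper_emails):
    """Return the uids to sign, or raise ValueError if the fingerprint differs."""
    primary_fpr = None
    uids = []
    for line in colon_listing.splitlines():
        f = line.split(":")
        if f[0] == "fpr" and primary_fpr is None:
            primary_fpr = f[9]            # first fpr record belongs to the primary key
        elif f[0] == "uid" and f[1] not in ("r", "e"):
            uids.append(unescape(f[9]))   # assumption: revoked/expired uids are skipped
        # "uat" (photo) records are never planned here; the photo rule is a human judgement
    if primary_fpr is None or normalize_fpr(paper_fpr) != primary_fpr.upper():
        raise ValueError("fingerprint does not match the paper: do not sign")
    wanted = {e.lower() for e in paper_emails}
    plan = []
    for uid in uids:
        m = re.search(r"<([^<>\s]+@[^<>\s]+)>\s*$", uid)
        if m and m.group(1).lower() in wanted:
            plan.append(uid)
    return plan
```

Each uid in the returned plan is then signed, exported, encrypted and mailed on its own, with the key removed from the keyring before the next one.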