-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Key Signing Policy for Hans-Peter Bock.

pub  4096R/9B0746D1 2005-05-07 Hans-Peter Bock <hpbock@avaapgh.de>
uid                            Hans-Peter Bock <hpbock@dwarf.members.selfnet.de>
sub  2048g/80CD2EAA 2005-05-07 [expires: 2013-05-05]
sub  1024D/0287D654 2005-05-07 [expires: 2009-05-06]

Before I sign a key, I

  - verify the identity of the person owning the to-be-signed key by 
    either knowing them for a long time or looking at their identity 
    card or equivalent proof of identity.
  - receive the key fingerprint from the key owner directly.

A signature is always on an user id. By signing an user id, I confirm

  - that the person, who gave me the fingerprint of that key, has the 
    claimed name.

Description of my use of trustlevels:

  sig3 - I have verified the identity and verified, that the email
         address of the signed uid belongs to the person, who has 
         control over the key by doing a challenge-response (via
         encrypted email).

  sig2 - I have verified the identity - but not the email address (for
         example because the key does not support encryption to it).

  sig1 - unused at the moment.

You can get my key from a keyserver, which should support multiple subkeys
(like sks.dnsalias.net or random.keyserver.penguin.de).
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFClN8ZB3mPzwKH1lQRAkZ+AJ49s5+p5A5dSHJQyW69whNw0/++MACeOvou
elvvIuYp+I9k2oXVg41S+Yw=
=Pgpv
-----END PGP SIGNATURE-----