Added some blurb about how signing is done and what should not be

done.  Courtesy of Brian Ristuccia and Steve Langasek.

CVS version numbers

english/events/keysigning.wml: 1.1 -> 1.2

1 files changed, 49 insertions, 2 deletions

diff --git a/english/events/keysigning.wml b/english/events/keysigning.wml
index b58517a4da1..1035a86952a 100644
--- a/english/events/keysigning.wml
+++ b/english/events/keysigning.wml
@@ -6,8 +6,34 @@ improve the web of trust.  Especially for people who are new to the
 project, keysigning and meeting other developers has been very
 interesting.
 
-<p>The following list intends to help you with running a keysigning
-session.
+<p>This document intends to help you with running a keysigning
+session.  People should only sign a key under at least two conditions:
+
+<ol>
+
+<li>The key owner convinces the signer that the identity in the UID is
+   indeed their own identity by whatever evidence the signer is
+   willing to accept as convincing.  Usually this means the key owner
+   must present a government issued ID with a picture and information
+   that match up with the key owner. (Some signers know that
+   government issued ID's are easily forged and that the trustability
+   of the issuing authorities is often suspect and so they may require
+   additional and/or alternative evidence of identity).
+
+<li>The key owner verifies that the fingerprint of the key about to be
+   signed is indeed their own.
+
+</ol>
+
+Most importantly, if the key owner is not actively participating in
+the exchange, you won't be able to complete either requisite 1 or 2.
+Nobody can complete the key owner's part of requisite 1 on the key
+owner's behalf, because otherwise anyone with a stolen ID card could
+easily get a PGP key to go with it by pretending to be an agent of the
+keyowner.  Nobody can complete the key owner's part of requisite 2 on
+the key owner's behalf, since the agent could substitute the
+fingerprint for a different PGP key with the key owner's name on it
+and get someone to sign the wrong key.
 
 <ul>
 
@@ -44,3 +70,24 @@ session.
 <li> Quit GnuPG with <code>quit</code>
 
 </ul>
+
+<h3>What you should not do</h3>
+
+<p>You should never sign a key for somebody else you haven't met
+personally.  Signing a key based on anything other than first-hand
+knowledge destroys the utility of the Web of Trust.  If ones friend
+presents other developers with your ID card and your fingerprint, but
+you are not there to verify that the fingerprint belongs to you, what
+do other developers have to link the fingerprint to the ID?  They have
+only the friend's word, and the other signatures on your key -- this
+is no better than if they signed your key just because other people
+have signed it!
+
+<p>It is nice to get more signatures on ones key, and it is tempting
+to cut a few corners along the way.  But having trustworthy signatures
+is more important than having many signatures, so it's very important
+that we keep the keysigning process as pure as we can.  Signing
+someone else's key is an endorsement that you have first-hand evidence
+of the keyholder's identity.  If you sign it when you don't really
+mean it, the Web of Trust can no longer be trusted.
+