Message Signing Policy for Gonzalo Bermúdez

v1.2 - August 4, 2007

Policy statement

As of 2006-07-24, I'm signing all outgoing email with my OpenPGP key (email address removed to prevent spam):

pub   4096R/E2FC4825 2006-07-24
uid                  Gonzalo Bermúdez <>
uid                  [jpeg image of size 1346]
sub   1024D/C6348680 2006-07-24
sub   2048g/BDDC0C50 2006-07-24 [expires: 2008-07-23]

These signatures mean only that it's very probably me who wrote those emails unless otherwise stated, and nothing else.

In certain situations, I may be unable or unwilling to sign a certain email. I should be contacted in case you need to confirm it was me who wrote it.

Due to the fact that it's so easy to forge an identity, there's absolutely no guarantee that an unsigned email came from me. It is also possible although unlikely, that my key gets compromised. Thus a signed email is no guarantee either, and it's up to you to determine the value of such a signature.

This statement should be extended to any other signatures I issue, like files or any other message type.

Version history

Version 1.2, 2007-07-04
Fixed XHTML issues.
Version 1.1, 2006-08-30
Corrected some typos.
Version 1.0, 2006-08-27
Initial release.

This policy can and should be checked against its detached signature.


Copyright (c) 2006 Gonzalo Bermúdez

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2.