v2019.1 - Apr 20, 2019
As of 2006-07-24, I'm signing all outgoing email with my OpenPGP key (email address removed to prevent spam):
pub rsa4096/0x31E5FE63E2FC4825 2006-07-24 [SC] [expires: 2081-01-01] Key fingerprint = 607D 555B 2B11 B1B3 916A CBDE 31E5 FE63 E2FC 4825 uid [ultimate] Gonzalo Bermúdez uid [ultimate] [jpeg image of size 1346] uid [ultimate] Gonzalo Bermúdez sub rsa2048/0xFAD48D16B6984691 2017-02-11 [A] [expires: 2081-01-01] sub rsa2048/0x03621B410C71A6B4 2019-04-20 [E] [expires: 2020-06-01] sub rsa2048/0xCE73F69A01041AE0 2019-04-20 [S] [expires: 2029-06-01]
These signatures mean only that it's very probably me who wrote those emails unless otherwise stated, and nothing else.
In certain situations, I may be unable or unwilling to sign a certain email. I should be contacted in case you need to confirm it was me who wrote it.
Due to the fact that it's so easy to forge an identity, there's absolutely no guarantee that an unsigned email came from me. It is also possible although unlikely, that my key gets compromised. Thus a signed email is no guarantee either, and it's up to you to determine the value of such a signature.
This statement should be extended to any other signatures I issue, like files or any other message type.
This policy can and should be checked against its detached signature, issued by the master key since the signing key is affected.
Copyright (c) 2006-2019 Gonzalo Bermúdez
Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2.