fabianrodriguez.com

GNU Privacy Guard - OpenPGP

Thawte Web of Trust - Have your x.509 certificate notarized in Montreal, QC, Canada

Attend an OpenPGP meetup in your city/country and have your public key signed!

International visitors,
choose a translation :

  

OpenPGP and Thawte web of trust

Notarization and keysigning in Montréal, Québec, Canada

Fabián A. Rodríguez - Toxik Technologies Inc.
This Digital Trust WebRing site owned by Fabian Rodriguez.
[ Previous 5 Sites | Previous | Next | Next 5 Sites ]
[ Random Site | List Sites ]

What is the "Web of Trust" ?

The Web of Trust (or WOT) is a very simple principle. You decide who you trust and based on that, you validate their identity by signing their digital certificate. When using x.509 technologies this is mostly known as notarization. When using OpenPGP, this is known as public key signing. Events where people gather to do this are often called notarization parties or keysigning parties, respectively.

How do I get my OpenPGP publik key(s) signed ?

OpenPGP Keysigning

OpenPGP keysigning implies trust and validity is given by the person signing your public key(s). To get me to sign your personal or business OpenPGP public key, please follow these steps:
  1. Carefully review my keysigning policy and rules. If you do not accept it, please do not contact me.

  2. Make sure you understand the principles of the OpenPGP web of trust, as described in the Web of Trust section of Introduction to Cryptography (Ch. 1, p. 33).

  3. Check my entry at Biglumber.com for my availability. I live in Montreal, QC, Canada, but you may check if I am not available at an event in another city/country.

  4. Send me your public key and it's UID (0xXXXXXXXX), indicating where to get it or include it directly in your message, by using this form.

  5. We will then arrange for a meeting in person during which I will verify your ID information, prior to signing your public key(s).

  6. Please show up. If you don't, please call me. If you don't call me, I won't like it :)

OpenPGP Web of Trust

To learn more about the OpenPGP Web of Trust, I suggest the following links:
  • GPG Keysigning party guide - a guide to organizing an OpenPGP keys exchange event
  • Biglumber.com - a site where you can make yourself available or find an individual or an event where other OpenPGP key holders will be able to sign your key and certify your identity.
  • Keyanalyze reports - verify the level of trust according to MSD, mean shortest distance to other OpenPGP keys
  • OpenPGP key pathfinder - find the trust path of signaturesbetween your key and somebody else's

How can I get my name on my Thawte's personal certificate ?

Thawte x.509 Notarization

In order to have your name appear in such certificates, you must go through notarization by a member of the Web of Trust. Otherwise the name information in your certificate will only contain "FreeMail member". I have been notarized since January 2000 and I can help you getting the points you need to be notarized.

If you have not already done so, please enroll in the Thawte Personal Certification System to become a Freemail user. You will then obtain a personal certificate that I can notarize as beeing yours. This certifies that I have personally verified your identity, along with a limited number of other notaries, until you get enough points. I personally prefer trust based on OpenPGP. You can obtain Thawte notarization by following these steps, in order.

  1. Carefully review my notarization policy and rules. If you do not accept it, please do not contact me.

  2. Make sure you have read about the Thawte's Web of Trust and understand its concept.

  3. Make sure you have read and understood the Thawte's Web of Trust rules - If you do not follow these rules then you may be liable if people suffer damages as a consequence.

  4. Send me an email including your current Free Certificate. To get my email, write me a short note via this form, telling me you are ready to be notarized. If you are a group, give me the number of people that will be with you.

  5. You must bring two copies of the Confirmation of Identity form (english,french, spanish Acrobat PDF files) , filled out but not signed. We will both sign it at the same time. I might be able to provide it when we meet, but it is not always the case.

  6. If you have arranged to see more notaries from Montréal at the same time, bring 2 copies of the form for each notary, plus copies of all your IDs for each one.

  7. Please show up. If you don't, please call me. If you don't call me, I won't like it :)

Thawte Web of Trust

Thawte's web of trust uses its web site to deliver certification of identity services. At this time we are 5 notaries in Quebec province.

Notarization and keysigning policy

This policy has been in effect and strictly applied to all notarization and keysigning services I have performed in the past.
  • I am not available to notarize people individually more than once a month, unless we have a special arrangement.
  • I will only notarize people with documents from Canada and from Colombia. Here is my policy regarding the documents you'll need:
    • [OpenPGP] Three (3) of either the medicare card (assurance maladie), driver's license, birth certificate or Passport.

    • [OpenPGP] A sheet where you list all you key(s) UIDs, key type(s) and OpenPGP fingerprint(s)

    • [Thawte] The original document which number served as the basis for your Thawte ID.

    • [Thawte] If you are an immigrant and your ID is based on foreign documentation you will have to bring your original IMM1000 certificate. You'll still need to show me any of the previously mentioned documents.

    • [Thawte] I can give you a maximum of 35 points. If you present any 3 IDs, I'll give you 35 points. If you present 1 ID and a Canadian passport, I'll give you 35 points. If you don't present one of the two document packages I just described, don't bother coming.

    • [Thawte] You must bring a legible photocopy of each of the above (it can be on the same sheet) for every person that will be notarizing you (for example, bring two if you're coming to see me and my partner). Thawte requires that we keep these copies in file.

    • [All] At least 2 of the documents must have a photo, and the photos must look like you

    • [All] I am sorry but I can't assert your ID based on foregin documents since I don't know them. Please do not insist on this.

  • Pricing :
    • [All] Although this is a non-profit service, I will charge 10$ if you are alone. For a group of 2+, I charge 5$/person. If you have a valid student or teacher ID along with a current schedule/invoice, and are 3 or more people I won't charge.
    • [OpenPGP] I won't charge you if you are also signing all of my public keys (currently 2).


FastCounter by bCentral