Matis Blog

I am both a CAcert assurer and a user of GPG. I am happy to participate in GPG's Web of Trust and assure anyone who wants to become a CAcert assurer.

Where can you get assured/signed?

I live in Purkersdorf (a little west of Vienna, Austria) and work at the Vienna University of Technology at Karlsplatz. So anywhere close to that or on the way between these two locations is fine for me.

CAcert

I can issue up to 35 points. Feel free to contact me via the contact form on the CAcert-page. However, notice that I impose the usual and then-some restrictions:

• You must show at least one valid (non-expired) government-issued photo-id. This may be a drivers license, an identity card or a passport. There is a neat little list of what would be accepted here.
• The data on the form, your id-card and in the CAcert-system must match exactly. This includes middle names, the e-mail address (on form and in CAcert) and the signature (on form and id). Note that the slightest deviation will cause me to not sign you.
• I realize I am not a graphologist, but I do check the signature as good as I can.
• If the photo on your photo-id looks too different from yourself, I will not accept it. I have seen photos of 13-year-olds shown to me by 25-year-olds - this simply won't work.

GPG

By now I have a pretty well-signed key, the web of trust has only four hops between me and Richard Stallman.

• I only sign a key if I met the person who the key belongs to in real life (online doesn't count as real ;-)).
• You can give me your key either by uploading it to a key-server or by sending it to me via a signed and encrypted e-mail.
• The fingerprint, name, and email you give to me on our meeting have to exactly match the key I get from you. If a key defines multiple user-ids you have to give me all of them at the meeting, if some are missing, the missing uids will not be signed.
• I do check your photo-id (again, government issued, valid, non-expired...), but not every middle-name has to match.
• I do not (although I did in the past) upload the signature directly to the keyserver but I will send it to the addresses defined by the GPG-key. If the GPG-key doesn't define an email-address please tell me in advance if it is not clearly stated by the comment-field.