I use my personal S/MIME certificate, issued by CAcert, with most of my email correspondence. If you wish to send me encrypted email and do not have a PGP key, you should download this beforehand.
I am able to offer 15 points to those I assure as part of CAcert's Web of Trust programme. It is available to anyone able to get to either Hatfield or Stevenage, in Hertfordshire.
I am also willing to sign PGP keys. My key is in the strong set.
In late 2011 I migrated to a new 4096-bit RSA key pair. If you have signed my old key (0x6DC48D95), please read the transition statement and consider signing my new key too.
pub 4096R/427543E0 2011-11-01 [expires: 2014-10-31]
Key fingerprint = 4242 E30A 4F8B 8638 0014 D2E7 33D5 5277 4275 43E0
uid Nicholas Shanks
uid Nicholas Shanks <nickshanks@gmail.com>
uid Nicholas Shanks <nickshanks@nickshanks.com>
uid [jpeg image of size 13154]
sub 4096R/270F69F3 2011-11-01 [expires: 2014-10-31]
For reference, here is my retired DSA/ElGamal key:
pub 1024D/6DC48D95 2005-12-01
Key fingerprint = 970A 4C6D A94D A4CC D1F7 9928 0511 C4A0 6DC4 8D95
uid Nicholas Shanks <contact@nickshanks.com>
uid Nicholas Shanks <nickshanks@gmail.com>
sub 2048g/BE6CADEC 2005-12-01
I will no longer use this key to make new signatures, however it will remain active until all pertanent signatures have been migrated.
My policy for signing keys is that I must have met you face-to-face, seen either your passport, UK driving license, or two other forgery-resistant photo IDs (e.g. foreign driving license and national identity card), and that you assert that the fingerprint I have for your key is correct. I will then corrispond with you using this key and you must decrypt and reply before I will sign that UID. I will send signed UIDs to the coresponding email address in an encrypted email. If you can receive and decrypt your public key, that confirms the email address is valid and the recipient holds the private key. I will sign photo UIDs and name-only UIDs on the basis of the meeting alone, and either exchange these at the meeting, or forward them to a verified email address. I will not upload your signed key to a keyserver unless you request that I do, and I ask that you do not upload my key either.
Generally I use level 2 signatures, however if you are very familiar to me and we have known one another over a period of several years, I will use a level 3 signature. If you can only provide one photo ID which is neither a passport nor UK driving license photocard, I will use a level 1 signature.
If you will be bringing identity documents from countries other than the United Kingdom, Ireland or Germany, you should inform me before the meeting so that I can familiarise myself with the anti-forgery properties of your documents.
Lastly, I maintain my owner-trust database, and recommend that you do the same. An easy-to-understand demonstration of owner-trust is presented in the KGpg Manual, specifically where it refers to a character called George.
— Nicholas Shanks, last updated 24 January 2012.