I just created a PGP/GPG key signing policy. I’ve never set one before, so there it is.
The motivation is three-fold: I want to raise awareness for encrypted email, I want to expand the Web of Trust and I want to sign keys. I believe we’ve gotten too anal retentive about the rituals of signing each other’s keys, and I would like to bring it more to the forefront of the general public. There is no reason why email shouldn’t be encrypted 100% of the time, and doing the Song and Dance of creating a conga line, reciting fingerprints, and verifying identifications has probably gone a little overboard.
Thus, on my policy page, you’ll notice that I’m willing to sign your key if you just send me $1 USD along with your email address and key. I’ll return the $1 after I’ve signed it. Or, you can send me a colored scan of your U.S. passport or driver license, and I’ll sign your key. Crazy? Maybe. I’m fairly confident, however, that the government, or powerful enemies, isn’t planning a coordinated attack against my identity.