Is it okay to sign a PGP key without an IRL meeting?
In the end, you can sign whoever you want to. There's nobody to control you and nothing to check what you're doing (and how you're doing it).
I would consider signing a well-known (to me) person's key valid, if I can be sure I'm receiving his key untampered over a secure channel. If you're totally sure to be able to recognize his voice or make some other check it's the right person (eg. by asking questions only he is able to answer on the phone), I'd be fine with signing a key this person sends me over this established trustworthy connection (eg. by speaking it into the phone). I'd not be fine with signing a key found on a keyserver (everybody can upload keys for arbitrary UIDs, have a look at all the president's keys) or received in an unsigned (without a signature by another already trusted key) e-mail.
Trust in Identity
When you give a "sig3" on your friend's key by using the gpg sign
command, you certify you're (pretty) sure he really is the person he pretends to be using his UIDs. When the Debian maintainer signs your key, he's certifying that you are the person you're pretending to be.
That's all for now. Neither you nor the Debian maintainer made any statement on whether they trust in your capabilities (or your friend's) to carefully perform key signings.
The signing policy you mentioned can help others to decide on how they put trust in the signatures you issued.
Trust in the Person's Capabilities and Motives ("Vouching")
If you're sure that your friend is capable of reliably signing other keys, you can put another kind of trust on his key using gpg trust
. Using this, you can order GnuPG to regard the signatures issued by your friend as if they're issued by yourself.
This information is only valid for yourself; it is neither included in keyservers nor otherwise exported keys:
A key's trust level is something that you alone assign to the key, and it is considered private information. It is not packaged with the key when it is exported; it is even stored separately from your keyrings in a separate database. (from the GnuPG manual)
Having (multiple) trust paths ("identity signatures", the kind of trust I explained first in this answer) to some unknown can be read as hint everything should be fine, but remember you're trusting everybody in the trust chain right now. Most of the people are honest and well-capable of performing valid signatures, but haven't you ever been perceived by somebody you wouldn't have expected it of? If somebody really has a reason to fraud you, he might be able to somehow get a chain of trust on some weird paths.
There is an excellent article about trust in OpenPGP: There's Trust and Then There's Trust and Then There's Trust.
If I don't know you beforehand, then what sense can it have, for me, to be fairly sure that I communicate with the real you ? For all I know, I cannot be sure that you exist at all, and your existence will remain irrelevant to me as long as you do not interact with me.
That's the main, big, blatant failure of PGP's Web of Trust: it tries to ensure strong linking of public keys to identities, without bothering to first define a consistent notion of "identity".
For instance, right now, by this very message, I begin interacting with what I can assume to be (plausibly) some sentient being (presumed human, then) who somehow chose, for that one question, to go under the pseudonym of "Diti" and a face which looks vaguely like a duck. If I want to exchange confidential emails with that human entity, then I will want to send the messages to "the Diti who wrote that specific question in security.SE". That is the notion of identity I would want to use. PGP's key signing would link some public keys, that I don't know beforehand, to email addresses, that I don't know either ! To be effective, people who "sign keys" would have to sign statements like: "I, [email protected], guarantee that public key 0xA7C083FE really belongs to the guy (or girl) who wrote the 'Is it okay to sign a PGP key without an IRL meeting?' question on security.SE on My 9th, 2013".
You can meet all the Bobs on Earth and have them all sign your key, with the highest "checking levels", it won't give me any useful information. Linking your private key to your name or email address has no meaning to me, unless I already know you for some other reason -- at which point the WoT with its automatic chaining through complete strangers just loses any relevance.
There is another side to the same question: why would you want to guarantee, with such implacable strength, that a given public key is really yours ? If it works, it will only make all your signed messages traceable to you, and usable as proofs against you. That's like bringing your own shovel to a cemetery.
In the case of digital signatures, nobody in his right frame of mind should actively pursue the possibility of producing signatures. What we want is other people to generate signatures.
Therefore, my answer is that you can sign keys with whatever "policy level" you wish; it won't break PGP's Web of Trust because there is nothing to actually break.
(Which is kind of a blessing. A world where PGP's Web of Trust works is a world where everybody is uniquely identified, pinpointed in space and time, and globally accountable. When you come down to it, that would be quite Orwellian, i.e. awesome but scary.)