2

Assume that I am transitioning from key A to key B by signing key B with key A and then revoking key A. What do you guys think of including a link to my online transition statement in my signature of B with A as a "signing policy"?

Transition statement explanation: What's the purpose of a PGP transition statement?

1 Answer

1

If you are signing a link to your transition statement, then the location where people go to look for it is fixed, but there's nothing preventing you or an attacker from changing the text of the transition statement at some point in the future. You really need to sign the transition statement text with the old key, not just the location of the statement.

Assuming you're doing that already and embedding the link is just to help people find it, then sure, why not.

Mike Ounsworth
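
The difference between signing the statement text and signing only its location, as an added example that is not part of the original answer. It assumes GnuPG 2.1 or later; the two throwaway keys, the statement wording, and the `example.org` URL are constructed placeholders.

```bash
#!/usr/bin/env bash
# Added example. Keys, statement text and URL are constructed placeholders.
POLICY_URL="https://example.org/key-transition.txt"   # assumed statement location
export GNUPGHOME="$(mktemp -d)"; chmod 700 "$GNUPGHOME"   # throwaway keyring
WORK="$(mktemp -d)"

g() { gpg --batch --quiet --yes --pinentry-mode loopback --passphrase '' "$@"; }
fpr() { g --with-colons --list-keys "$1" | awk -F: '/^fpr/ {print $10; exit}'; }

# Two unprotected throwaway keys stand in for key A (old) and key B (new).
g --quick-generate-key "Old Key A <a@example.org>" ed25519 sign never
g --quick-generate-key "New Key B <b@example.org>" ed25519 sign never
FPR_A="$(fpr a@example.org)"; FPR_B="$(fpr b@example.org)"

# 1. Sign the statement text itself with the old key.
printf 'I am moving from key %s to key %s.\n' "$FPR_A" "$FPR_B" > "$WORK/statement.txt"
g -u "$FPR_A" --clearsign -o "$WORK/statement.asc" "$WORK/statement.txt"

# 2. Certify B with A. The policy URL only records where to look for the text.
g -u "$FPR_A" --cert-policy-url "$POLICY_URL" --quick-sign-key "$FPR_B"

# Succeeds only if the file carries a valid signature made by key A.
signed_by_old_key() {
  g --status-fd 1 --verify "$1" 2>/dev/null | grep -q "^\[GNUPG:\] VALIDSIG $FPR_A "
}

# Succeeds if a certification on key B carries the policy URL.
cert_has_policy_url() {
  g --list-options show-policy-urls --check-sigs "$FPR_B" | grep -qF "$POLICY_URL"
}

# Constructed change: the text served at the URL is edited after publication.
sed 's/^I am moving/I am NOT moving/' "$WORK/statement.asc" > "$WORK/tampered.asc"

signed_by_old_key "$WORK/statement.asc" && echo "original statement: valid, signed by A"
signed_by_old_key "$WORK/tampered.asc"  || echo "edited statement: rejected"
cert_has_policy_url && echo "certification of B points to $POLICY_URL"
```

The certification on key B stays valid whatever is served at the URL later; only the signature over the statement text detects the edit.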