vanitasvitae/openpgp-notes
1
0
Fork 0
mirror of https://codeberg.org/openpgp/notes.git synced 2024-11-23 16:12:05 +01:00
Code Issues Projects Releases Packages Wiki Activity
openpgp-notes/book/source/05-private.md

28 lines
865 B
Markdown
Raw Normal View History

Edits in chapter two; add link anchors to point to
2023-09-20 14:48:26 +02:00
(private_key_chapter)=
ch5: outline sketch
2023-09-23 17:35:22 +02:00
# Private keys
Initial outline and old notes (Rough merge of two precursor projects by Heiko, and outline notes by Paul)
2023-09-14 21:30:43 +02:00
mark "TODO"-blocks with admonition markup (also see https://codeberg.org/openpgp/notes/issues/3)
2023-09-26 13:22:12 +02:00
```{admonition} TODO
:class: warning
Initial outline and old notes (Rough merge of two precursor projects by Heiko, and outline notes by Paul)
2023-09-14 21:30:43 +02:00
- Consistently consider private key material as a separate thing from Certificates? (like in pkcs#11?)
ch5: outline sketch
2023-09-23 17:35:22 +02:00
```
## Transferable secret keys
https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#name-transferable-secret-keys
## Private key operations
The core of private key operations doesn't require access to the whole certificate. A private key subsystem only needs to handle the cryptographic key material.
### OpenPGP card for private keys
[OpenPGP card](https://en.wikipedia.org/wiki/OpenPGP_card) devices are a type of hardware security device. They are one popular way to handle OpenPGP private key material. These devices do not store the full OpenPGP certificate.
## Advanced topics
### TSKs: Best practices S2K + S2K migration?
### The KOpenPGP attack
Reference in a new issue Copy permalink