mirror of
https://codeberg.org/openpgp/notes.git
synced 2024-11-23 08:02:05 +01:00
finish current version of ch17, UserID+certification self-sig
This commit is contained in:
parent
a487db6996
commit
05d2e15fee
1 changed files with 19 additions and 17 deletions
|
@ -655,9 +655,9 @@ Essentially, a User ID packet is just a string marked as a User ID by the packet
|
||||||
|
|
||||||
### Linking the User ID with a certification self-signature
|
### Linking the User ID with a certification self-signature
|
||||||
|
|
||||||
As above, when [linking a subkey](zoom_enc_subkey) to the OpenPGP certificate, a self-signature is used to connect this new component to the certificate.
|
Similar to [linking a subkey](zoom_enc_subkey) to the OpenPGP certificate, a self-signature is used to connect this new component to the certificate.
|
||||||
|
|
||||||
To bind identities to a certificate with a self-signature, one of the signature types `0x10` - `0x13` can be used. Here, the signature type `0x13` (*positive certification*) is used.
|
To bind identities to a certificate with a self-signature, signature types `0x10` - `0x13` can be used. Here, the signature type `0x13` (*positive certification*) is used.
|
||||||
|
|
||||||
```text
|
```text
|
||||||
$ sq packet dump --hex alice.pub-3--Signature
|
$ sq packet dump --hex alice.pub-3--Signature
|
||||||
|
@ -732,13 +732,13 @@ Signature Packet, new CTB, 2 header bytes + 185 bytes
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
||||||
We'll go over this packet dump in less detail, since its structure closely mirrors the [Direct Key Signature](zooming_in_dks) discussed above.
|
Because this packet structure closely mirrors the [Direct Key Signature](zooming_in_dks) discussed above, we will cover this succinctly.
|
||||||
|
|
||||||
We're again looking at a Signature packet. Its `type` is `0x13` ([corresponding](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#name-signature-types) to a *positive certification* signature).
|
We're again looking at a Signature packet. Its `type` is `0x13` ([corresponding to a *positive certification* signature](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#name-signature-types)).
|
||||||
|
|
||||||
The public key algorithm and hash function used for this signature are Ed25519 and SHA512.
|
The designated public key algorithm and hash function for this signature are Ed25519 and SHA512, respectively.
|
||||||
|
|
||||||
As shown in the text at the top of this packet dump, the hashed subpacket data contains the following metadata:
|
As shown in the text atop this packet dump, the hashed subpacket data contains the following metadata:
|
||||||
|
|
||||||
- Signature creation time: `2023-09-29 15:17:58 UTC` (**critical**)
|
- Signature creation time: `2023-09-29 15:17:58 UTC` (**critical**)
|
||||||
- Key expiration time: `P1095DT62781S` (**critical**)
|
- Key expiration time: `P1095DT62781S` (**critical**)
|
||||||
|
@ -747,16 +747,16 @@ As shown in the text at the top of this packet dump, the hashed subpacket data c
|
||||||
- Primary User ID: `true` (**critical**)
|
- Primary User ID: `true` (**critical**)
|
||||||
- Key flags: `C` (**critical**)
|
- Key flags: `C` (**critical**)
|
||||||
- Features: `MDC`
|
- Features: `MDC`
|
||||||
- Issuer Fingerprint: `AAA18CBB254685C58358320563FD37B67F3300F9FB0EC457378CD29F102698B3`
|
- Issuer fingerprint: `AAA18CBB254685C58358320563FD37B67F3300F9FB0EC457378CD29F102698B3`
|
||||||
|
|
||||||
This is a combination of metadata about the User ID itself (including defining this User ID as the *primary User ID* of this certificate), algorithm preferences that are associated with this identity, and settings that apply to the primary key.
|
This is a combination of metadata about the User ID itself (designating this User ID as the *primary User ID* of this certificate), algorithm preferences for this identity, and settings that apply to the primary key.
|
||||||
|
|
||||||
````{note}
|
````{note}
|
||||||
For historical reasons, the self-signature that binds the primary User ID to the certificate also contains subpackets that apply not to the User ID, but to the primary key itself.
|
Historically, the self-signature that binds the primary User ID to the certificate also contains subpackets relevant not to the User ID, but to the primary key itself.
|
||||||
|
|
||||||
Setting key expiration time and key flags on the primary User ID self-signature is one mechanism to configure the primary key.
|
Setting key expiration time and key flags on the primary User ID self-signature is one mechanism to configure the primary key.
|
||||||
|
|
||||||
The interaction between metadata on direct key signatures and User ID binding self-signatures [is subtle](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-11.html#name-notes-on-self-signatures), and there are changes between version 6 and version 4.
|
The interaction between metadata on direct key signatures and User ID binding self-signatures [is subtle](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-11.html#name-notes-on-self-signatures), with changes between version 6 and version 4.
|
||||||
|
|
||||||
|
|
||||||
```{admonition} TODO
|
```{admonition} TODO
|
||||||
|
@ -767,16 +767,18 @@ The interaction between metadata on direct key signatures and User ID binding se
|
||||||
|
|
||||||
````
|
````
|
||||||
|
|
||||||
Followed, again, by the (informational) unhashed subpacket area.
|
This section is followed, again, by the (informational) unhashed subpacket area.
|
||||||
|
|
||||||
And finally, a salt value for the signature and the signature itself.
|
Subsequently, we see a salt value for the signature and the signature itself.
|
||||||
|
|
||||||
The signature is calculated over a hash. The hash, in this case, is calculated over the following data (for details, see [Computing Signatures](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-11.html#name-computing-signatures) in the RFC):
|
The signature is calculated over a hash. The hash, in this case, is derived from the following data:
|
||||||
|
|
||||||
- The signature's salt
|
- the signature's salt
|
||||||
- A serialized form of the primary key's public data
|
- the serialized primary key's public data
|
||||||
- A serialized form of the User ID
|
- the serialized User ID
|
||||||
- A serialized form of this self-signature packet (up to, but excluding the unhashed area)
|
- the serialized self-signature packet (excluding the unhashed area)
|
||||||
|
|
||||||
|
Refer to [Computing Signatures](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-11.html#name-computing-signatures) in the RFC for details.
|
||||||
|
|
||||||
## Certifications (Third Party Signatures)
|
## Certifications (Third Party Signatures)
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue