mirror of
https://codeberg.org/openpgp/notes.git
synced 2024-11-25 00:52:05 +01:00
Merge pull request 'Fix Proton Mail styling' (#243) from styling into main
Reviewed-on: https://codeberg.org/openpgp/notes/pulls/243
This commit is contained in:
commit
0a76c9222a
2 changed files with 2 additions and 2 deletions
|
@ -50,7 +50,7 @@ Werner Koch for his enduring work on [GnuPG](https://gnupg.org/) and for fosteri
|
||||||
|
|
||||||
[Sequoia-PGP](https://sequoia-pgp.org/), for bringing OpenPGP to the Rust language and developing an essential interoperability test suite.
|
[Sequoia-PGP](https://sequoia-pgp.org/), for bringing OpenPGP to the Rust language and developing an essential interoperability test suite.
|
||||||
|
|
||||||
ProtonMail for maintaining two crucial modern implementations of OpenPGP: [OpenPGP.js](https://openpgpjs.org/) and [GopenPGP](https://gopenpgp.org/).
|
Proton Mail for maintaining two crucial modern implementations of OpenPGP: [OpenPGP.js](https://openpgpjs.org/) and [GopenPGP](https://gopenpgp.org/).
|
||||||
|
|
||||||
## Funding
|
## Funding
|
||||||
|
|
||||||
|
|
|
@ -201,7 +201,7 @@ For example, we might consider minimizing a certificate for distribution via WKD
|
||||||
|
|
||||||
Many certificates can be significantly pruned if the only goal of distributing them is to enable encryption and signature verification. For such cases, many components can be dropped, including invalid subkeys and their binding signatures, authentication subkeys (which are irrelevant to email), shadowed self-signatures, and third-party certifications. With many real-world certificates, the space savings of such a minimization are significant[^space-example].
|
Many certificates can be significantly pruned if the only goal of distributing them is to enable encryption and signature verification. For such cases, many components can be dropped, including invalid subkeys and their binding signatures, authentication subkeys (which are irrelevant to email), shadowed self-signatures, and third-party certifications. With many real-world certificates, the space savings of such a minimization are significant[^space-example].
|
||||||
|
|
||||||
Such minimization might be appropriate and convenient to enable encrypted communication with a ProtonMail client, which automatically fetches OpenPGP certificates via WKD while composing a message. The ProtonMail use case requires only component keys, not third-party certifications, and it doesn't require historical component keys or self-signatures.
|
Such minimization might be appropriate and convenient to enable encrypted communication with a Proton Mail client, which automatically fetches OpenPGP certificates via WKD while composing a message. The Proton Mail use case requires only component keys, not third-party certifications, and it doesn't require historical component keys or self-signatures.
|
||||||
|
|
||||||
However, in a different context, the same certificate might be fetched to verify the authenticity of a signature. In that case, third-party certifications may be crucial for the client. Stripping them could prevent the client from performing Web of Trust calculations and validating the authenticity of the certificate.
|
However, in a different context, the same certificate might be fetched to verify the authenticity of a signature. In that case, third-party certifications may be crucial for the client. Stripping them could prevent the client from performing Web of Trust calculations and validating the authenticity of the certificate.
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue