diff --git a/book/source/06-signatures.md b/book/source/06-signatures.md index 45539df..fe1af12 100644 --- a/book/source/06-signatures.md +++ b/book/source/06-signatures.md @@ -26,17 +26,6 @@ show our visuals for these two layers of meaning: - box with yellow tag-thing, including sig-circle ``` -## Structure of an OpenPGP signature - -As outlined above, an OpenPGP signature is a composite data structure, which combines: - -- A *signature type ID*, which specifies the intended meaning of the signature, -- Metadata (which is variable and depends in part on the type ID), - - Most of this metadata is encoded as so-called "subpackets," see {ref}`signature_subpackets`, -- A raw cryptographic signature. - -The cryptographic signature is calculated by its issuer. It certifies a hash digest, which in turn combines a set of input data. The exact input data depends on the signature type. Roughly: the hash digest is over the elements that the OpenPGP signature makes a statement about, combined with the metadata in the OpenPGP signature packet itself. More on this later. - ## Types of signatures in OpenPGP The OpenPGP standard defines a set of [Signature Types](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-signature-types), each identified by a numerical *signature type ID*. Signature types define the intent of a signature, and how it needs to be interpreted. 
@@ -48,12 +37,23 @@ An overview of signature types in OpenPGP Most OpenPGP signature types can be classified as either: -- *Signatures on components* (that is: signatures that apply to component keys or identity components), or -- *Signatures over data*. +- *Signatures over data*, or +- *Signatures on components* (that is: signatures that apply to component keys or identity components). -In this chapter, we discuss the general principles of OpenPGP signatures. +In this chapter, we discuss the general principles of OpenPGP signatures, which apply to all types of OpenPGP signatures. -For more detail about specific types of signatures, see the chapters {ref}`component_signatures_chapter` and {ref}`signing_data`, respectively. +For more detail about specific types of signatures, see the chapters {ref}`signing_data` and {ref}`component_signatures_chapter`, respectively. + +## Structure of an OpenPGP signature + +As outlined above, an OpenPGP signature is a composite data structure, which combines: + +- A *signature type ID* (see above), which specifies the intended meaning of the signature, +- Metadata (which is variable and depends in part on the type ID), + - Most of this metadata is encoded as so-called "subpackets," see {ref}`signature_subpackets`, +- A raw cryptographic signature. + +The cryptographic signature is calculated by its issuer. It certifies a hash digest, which in turn combines a set of input data. The exact input data depends on the signature type. Roughly: the hash digest is over the elements that the OpenPGP signature makes a statement about, combined with the metadata in the OpenPGP signature packet itself. More on this later. (signature_subpackets)= ## Signature subpackets diff --git a/book/source/08-signing_data.md b/book/source/07-signing_data.md similarity index 100% rename from book/source/08-signing_data.md rename to book/source/07-signing_data.md 
diff --git a/book/source/07-signing_components.md b/book/source/08-signing_components.md similarity index 96% rename from book/source/07-signing_components.md rename to book/source/08-signing_components.md index c31eda4..cbf184e 100644 --- a/book/source/07-signing_components.md +++ b/book/source/08-signing_components.md 
@@ -12,25 +12,26 @@ In this chapter, we'll consider OpenPGP signatures that apply to components. Tha - Component keys (primary keys or subkeys), or - Identity components (User IDs or User attributes). -## Different kinds of signatures on components +## Self-signatures and third-party signatures -There are two important scenarios to distinguish. Signatures on components can be issued by: +There are two important scenarios to distinguish: -- The certificate's owner, using the primary key of the same certificate. We call these *self-signatures*. Or -- Using a key that is part of a different certificate. We call these *third-party signatures*. +- *Self-signatures*: Issued by the certificate's owner, using the primary key of the same certificate. +- *Third-party signatures*: Issued by a key that is part of a different certificate. -## Context-specific meaning +### Meaning differs between self- and third-party signatures -The meaning of a signature depends in part on who issued it. A self-signature has a different meaning from a signature issued by a third party. +The meaning of a signature depends in part on who issued it. A self-signature often has a different meaning from a signature issued by a third party. For example: - A [direct key signature](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-direct-key-signature-type-i) issued as a self-signature can be used to set preferences and advertise features that apply to the whole certificate, while -- A similar [direct key signature](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-direct-key-signature-type-i) issued by a third party, which carries a [trust signature](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-trust-signature) subpacket, acts as a statement by the issuer that they delegate trust to the signed certificate (WoT). 
+- A similar [direct key signature](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-direct-key-signature-type-i) issued by a third party, which carries a [trust signature](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-trust-signature) subpacket, acts as a statement by the issuer that they delegate trust to the signed certificate (the issuer thereby uses the remote certificate as a trust root in the *Web of Trust*). Or: -Self-certifications of types `0x10` - `0x13` can be used to bind a User ID to a certificate, while the same signature types issued by a third party are statements by the signer that they have checked the authenticity of the signed User ID to some degree. +- Certifying self-signatures (type IDs `0x10` - `0x13`) are used to bind a User ID to a certificate, while +- the same signature type IDs issued by a third party are statements by the signer that they endorse the authenticity of the signed User ID to some degree. There are further signature types for signatures on data, as well as designated types to bind and revoke subkeys.
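Review bot: In the first hunk of `06-signatures.md`, the "Structure of an OpenPGP signature" section is only removed here and reappears verbatim (plus "(see above)") in the second hunk, so this is a pure move; the ordering of "Types" before "Structure" is sound because the structure section's first bullet now depends on the type-ID concept, but please confirm no other chapter links to an anchor or heading position in this section that the move would shift.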
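Review bot: In the second hunk of `06-signatures.md`, "As outlined above" and the new "(see above)" both now point at the same Types section two lines apart; one of them is enough, e.g. keep "A *signature type ID* (see above)" and drop "As outlined above" from the opening sentence. The swapped bullet order ("Signatures over data" first) and the matching swap of the `{ref}` order in the "respectively" sentence are consistent with each other and with the file renames (`08-signing_data.md` to `07-signing_data.md`, `07-signing_components.md` to `08-signing_components.md`); since the renames exchange numeric prefixes, any toctree or index that lists these files by their numbered names must be updated in the same change, which this diff does not show.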
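Review bot: In the `08-signing_components.md` hunk, the added wording "the issuer thereby uses the remote certificate as a trust root in the *Web of Trust*" is imprecise: a trust signature subpacket designates the signed certificate as a *trusted introducer* (the issuer delegates certification authority to it to the stated depth), not as the issuer's trust root, which remains the issuer's own certificate. Suggest "the issuer thereby designates the remote certificate as a trusted introducer in the *Web of Trust*". Separately, the bullet ending in "Or:" followed by two further bullets makes the four items read as one list; consider closing the first example after the trust-signature bullet and introducing the `0x10` - `0x13` pair with its own lead-in sentence ("Another example:"), so that "while" pairs each self-signature bullet with its third-party counterpart. The promotion of "Context-specific meaning" to a `###` subsection under "Self-signatures and third-party signatures" and the softening to "often has a different meaning" both read correctly.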