swap chapters on signing components and data

This commit is contained in:
Heiko Schaefer 2023-10-27 00:10:53 +02:00
parent 06d3e1f230
commit 0cf0c2069c
No known key found for this signature in database
GPG key ID: 4A849A1904CCBD7D
3 changed files with 24 additions and 23 deletions


@ -26,17 +26,6 @@ show our visuals for these two layers of meaning:
- box with yellow tag-thing, including sig-circle
```
## Structure of an OpenPGP signature
As outlined above, an OpenPGP signature is a composite data structure, which combines:
- A *signature type ID*, which specifies the intended meaning of the signature,
- Metadata (which is variable and depends in part on the type ID),
- Most of this metadata is encoded as so-called "subpackets," see {ref}`signature_subpackets`,
- A raw cryptographic signature.
The cryptographic signature is calculated by its issuer. It certifies a hash digest, which in turn combines a set of input data. The exact input data depends on the signature type. Roughly: the hash digest is over the elements that the OpenPGP signature makes a statement about, combined with the metadata in the OpenPGP signature packet itself. More on this later.
## Types of signatures in OpenPGP
The OpenPGP standard defines a set of [Signature Types](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-signature-types), each identified by a numerical *signature type ID*. Signature types define the intent of a signature, and how it needs to be interpreted.
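Review bot: with the "Structure of an OpenPGP signature" section removed from this position, the `## Types of signatures in OpenPGP` heading now follows the closing ``` of the visuals block directly; add a blank line between the fence and the heading, and note that the draft wording inside that block ("box with yellow tag-thing, including sig-circle") reads as an author placeholder that is worth resolving before this reorder lands.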
@ -48,12 +37,23 @@ An overview of signature types in OpenPGP
Most OpenPGP signature types can be classified as either:
- *Signatures on components* (that is: signatures that apply to component keys or identity components), or
- *Signatures over data*.
- *Signatures over data*, or
- *Signatures on components* (that is: signatures that apply to component keys or identity components).
In this chapter, we discuss the general principles of OpenPGP signatures.
In this chapter, we discuss the general principles of OpenPGP signatures, which apply to all types of OpenPGP signatures.
For more detail about specific types of signatures, see the chapters {ref}`component_signatures_chapter` and {ref}`signing_data`, respectively.
For more detail about specific types of signatures, see the chapters {ref}`signing_data` and {ref}`component_signatures_chapter`, respectively.
## Structure of an OpenPGP signature
As outlined above, an OpenPGP signature is a composite data structure, which combines:
- A *signature type ID* (see above), which specifies the intended meaning of the signature,
- Metadata (which is variable and depends in part on the type ID),
- Most of this metadata is encoded as so-called "subpackets," see {ref}`signature_subpackets`,
- A raw cryptographic signature.
The cryptographic signature is calculated by its issuer. It certifies a hash digest, which in turn combines a set of input data. The exact input data depends on the signature type. Roughly: the hash digest is over the elements that the OpenPGP signature makes a statement about, combined with the metadata in the OpenPGP signature packet itself. More on this later.
(signature_subpackets)=
## Signature subpackets
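Review bot: the new sentence "In this chapter, we discuss the general principles of OpenPGP signatures, which apply to all types of OpenPGP signatures" repeats "OpenPGP signatures" within one clause; suggest "In this chapter, we discuss the general principles that apply to all OpenPGP signature types." The reordered list and the swapped `{ref}` pair are consistent with each other ("respectively" now matches data first, components second), and the re-added "Structure" section is the removed text plus "(see above)" on the type-ID bullet; since that section now sits immediately before the `(signature_subpackets)=` label, "see {ref}`signature_subpackets`" could read "see the next section" to avoid a forward reference to the adjacent heading.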


@ -12,25 +12,26 @@ In this chapter, we'll consider OpenPGP signatures that apply to components. Tha
- Component keys (primary keys or subkeys), or
- Identity components (User IDs or User attributes).
## Different kinds of signatures on components
## Self-signatures and third-party signatures
There are two important scenarios to distinguish. Signatures on components can be issued by:
There are two important scenarios to distinguish:
- The certificate's owner, using the primary key of the same certificate. We call these *self-signatures*. Or
- Using a key that is part of a different certificate. We call these *third-party signatures*.
- *Self-signatures*: Issued by the certificate's owner, using the primary key of the same certificate.
- *Third-party signatures*: Issued by a key that is part of a different certificate.
## Context-specific meaning
### Meaning differs between self- and third-party signatures
The meaning of a signature depends in part on who issued it. A self-signature has a different meaning from a signature issued by a third party.
The meaning of a signature depends in part on who issued it. A self-signature often has a different meaning from a signature issued by a third party.
For example:
- A [direct key signature](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-direct-key-signature-type-i) issued as a self-signature can be used to set preferences and advertise features that apply to the whole certificate, while
- A similar [direct key signature](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-direct-key-signature-type-i) issued by a third party, which carries a [trust signature](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-trust-signature) subpacket, acts as a statement by the issuer that they delegate trust to the signed certificate (WoT).
- A similar [direct key signature](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-direct-key-signature-type-i) issued by a third party, which carries a [trust signature](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-trust-signature) subpacket, acts as a statement by the issuer that they delegate trust to the signed certificate (the issuer thereby uses the remote certificate as a trust root in the *Web of Trust*).
Or:
Self-certifications of types `0x10` - `0x13` can be used to bind a User ID to a certificate, while the same signature types issued by a third party are statements by the signer that they have checked the authenticity of the signed User ID to some degree.
- Certifying self-signatures (type IDs `0x10` - `0x13`) are used to bind a User ID to a certificate, while
- the same signature type IDs issued by a third party are statements by the signer that they endorse the authenticity of the signed User ID to some degree.
There are further signature types for signatures on data, as well as designated types to bind and revoke subkeys.
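Review bot: the heading change from `## Context-specific meaning` to `### Meaning differs between self- and third-party signatures` also lowers the level, nesting this section under "Self-signatures and third-party signatures"; that nesting looks intended, but check that no `{ref}` label or toctree entry pointed at the old heading. In the final bullet pair, "- Certifying self-signatures ..." is capitalized while its sibling "- the same signature type IDs ..." is not; pick one convention. Also, replacing "they have checked the authenticity" with "they endorse the authenticity" softens the statement, since the `0x10` - `0x13` types are defined by how thoroughly the certifier has verified the User ID; "have verified the authenticity ... to some degree" keeps that meaning.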