mirror of
https://codeberg.org/openpgp/notes.git
synced 2024-11-23 08:02:05 +01:00
ch4: move packet section to the end
This commit is contained in:
Heiko Schaefer
parent
f985121444
commit
1834ef9a5e
1 changed files with 25 additions and 25 deletions
|
|
@ -155,7 +155,28 @@ Alice can link a User ID to her OpenPGP certificate with a cryptographic signatu
|
|||
|
||||
### Hard vs. soft revocations
|
||||
|
||||
## Zooming in: Looking at the package structure and internals
|
||||
|
||||
## Advanced topics
|
||||
|
||||
### Certificate Management / Evolution of a certificate over time
|
||||
|
||||
Minimized versions, merging, effective "append only" semantics, ...
|
||||
|
||||
### Merging
|
||||
|
||||
- How to merge two copies of the same certificate?
|
||||
- Canonicalization
|
||||
|
||||
### How to generate "minimized" certificate?
|
||||
|
||||
### Best Practices regarding Key Freshness
|
||||
|
||||
- Expiry
|
||||
- Subkey rotation
|
||||
|
||||
### Metadata Leak of Social Graph
|
||||
|
||||
## Zooming in: Package structure
|
||||
|
||||
To use OpenPGP, we need "(OpenPGP) keys."
|
||||
|
||||
|
|
@ -397,15 +418,15 @@ Signature Packet, new CTB, 2 header bytes + 131 bytes
|
|||
Note that the two OpenPGP artifacts (public certificate and private key) are almost identical.
|
||||
|
||||
The public certificate uses the packet type "Public-Key Packet" instead of "Secret-Key Packet". The two packet types are very similar. The "Public-Key Packet" leaves out two types of data
|
||||
|
||||
|
||||
* the private key material (visualized in red), and
|
||||
* s2k configuration data, if any (this example doesn't have any).
|
||||
s2k is used when the secret key material is password-protected.
|
||||
|
||||
|
||||
|
||||
|
||||
In the following examples, we will look at OpenPGP private keys only. The corresponding public certificates are easy to imagine (just leave out the private key material).
|
||||
|
||||
|
||||
|
||||
### User IDs
|
||||
|
||||
|
|
@ -616,24 +637,3 @@ From here on, we'll look at the dumps in shorter format (you can see more detail
|
|||
### Certifications (Third Party Signatures)
|
||||
|
||||
### Revocations
|
||||
|
||||
|
||||
## Advanced topics
|
||||
|
||||
### Certificate Management / Evolution of a certificate over time
|
||||
|
||||
Minimized versions, merging, effective "append only" semantics, ...
|
||||
|
||||
### Merging
|
||||
|
||||
- How to merge two copies of the same certificate?
|
||||
- Canonicalization
|
||||
|
||||
### How to generate "minimized" certificate?
|
||||
|
||||
### Best Practices regarding Key Freshness
|
||||
|
||||
- Expiry
|
||||
- Subkey rotation
|
||||
|
||||
### Metadata Leak of Social Graph
|
||||
|
|
|
|||
Loading…
Reference in a new issue