diff --git a/book/source/03-cryptography.md b/book/source/03-cryptography.md index 0cbe953..29a6398 100644 --- a/book/source/03-cryptography.md +++ b/book/source/03-cryptography.md @@ -1,9 +1,10 @@ # Cryptographic concepts/terms -``` -Lars suggests that we should have a chapter where we introduce cryptographic terms that we use, and give short definitions (without getting into how specific algorithms work) +```{admonition} TODO +:class: warning -This would be a good place to introduce visualizations for cryptographic primitives +- Introduce cryptographic primitives/terms at a very superficial level +- Introduce visualizations for cryptographic primitives ``` ## Public-key cryptography @@ -45,17 +46,24 @@ OpenPGP makes heavy use of public-key cryptography. However, for historical reas So when reading the RFC, or other documentation, you will encounter the term "secret key," instead of the more common "private key." -### Symmetric encryption +## Symmetric encryption https://en.wikipedia.org/wiki/Symmetric-key_algorithm -[TODO: visualization?] +```{admonition} TODO +:class: warning -#### Symmetric cryptography in OpenPGP +- visualization? +``` + +### Symmetric cryptography in OpenPGP Symmetric encryption is a core concept in OpenPGP. It usually comes up involving the term "session key." "Session keys" in OpenPGP are symmetric cryptographic keys. +## Hashing + ## Cryptographic signatures +## AEAD diff --git a/book/source/05-private.md b/book/source/05-private.md index f4c11a7..ae4d001 100644 --- a/book/source/05-private.md +++ b/book/source/05-private.md @@ -1,7 +1,9 @@ (private_key_chapter)= # Private keys -``` +```{admonition} TODO +:class: warning + - Consistently consider private key material as a separate thing from Certificates? (like in pkcs#11?) ``` diff --git a/book/source/07-signing_data.md b/book/source/07-signing_data.md index 94753b5..7ec8512 100644 --- a/book/source/07-signing_data.md +++ b/book/source/07-signing_data.md @@ -1,2 +1,13 @@ (signing_data)= # Signatures over data + +```{admonition} TODO +:class: warning + +Add content, including: + +- Signature of a binary document + +- Signature of a canonical text document + - "The signature is calculated over the text data with its line endings converted to ``" +``` diff --git a/book/source/08-signature_internals.md b/book/source/08-signature_internals.md index 29658bc..f9f2234 100644 --- a/book/source/08-signature_internals.md +++ b/book/source/08-signature_internals.md @@ -1,6 +1,8 @@ # Signature "internals" -``` +```{admonition} TODO +:class: warning + - Subpackets and how to make sense of them - "Negotiating" signature hash algorithm based on recipients preference subpackets - Explore viability of having multiple signatures, e.g. v4+v6? diff --git a/book/source/11-decryption.md b/book/source/11-decryption.md index 053af88..363bb07 100644 --- a/book/source/11-decryption.md +++ b/book/source/11-decryption.md @@ -1,7 +1,9 @@ (decryption_chapter)= # Decryption -``` +```{admonition} TODO +:class: warning + - using expired certificate? - using revoked certificate? - using expired subkey? diff --git a/book/source/15-migration.md b/book/source/15-migration.md index 83f1d6c..9bb57a5 100644 --- a/book/source/15-migration.md +++ b/book/source/15-migration.md @@ -1,5 +1,7 @@ # Migration from v4 to v6 -``` +```{admonition} TODO +:class: warning + Also see: https://wiki.gnupg.org/OpenPGPEmailSummit202305Notes ``` diff --git a/book/source/16-policy.md b/book/source/16-policy.md index 60e8177..d85f4f4 100644 --- a/book/source/16-policy.md +++ b/book/source/16-policy.md @@ -1,6 +1,8 @@ # Algorithms and Policy -``` +```{admonition} TODO +:class: warning + - What algorithms are trustworthy? -> Depend on regulatory bodies like the BSI? - How to decide, when to deprecate / reject algorithms (how to be competent) - Transitioning from one set of algorithms to another (Interoperability)