vanitasvitae/openpgp-notes
1
0
Fork 0
mirror of https://codeberg.org/openpgp/notes.git synced 2024-11-23 08:02:05 +01:00
Code Issues Projects Releases Packages Wiki Activity

ch4: clarify that this chapter deals with "public keys" only

Browse source
This commit is contained in:
Heiko Schaefer 2023-10-15 10:56:38 +02:00
parent 024e96b2b3
commit 2b018c73ee
No known key found for this signature in database
GPG key ID: 4A849A1904CCBD7D
1 changed files with 4 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
book/source/04-certificates.md
View file

@ -50,7 +50,7 @@ OpenPGP certificates are typically long-lived and may be changed (typically by t
An OpenPGP certificate usually contains multiple OpenPGP component keys.
OpenPGP component keys consist of an [asymmetric cryptographic keypair](asymmetric_key_pair) and a creation timestamp. These attributes of a component key cannot be changed after creation (in the case of ECDH keys, two additional parameters are part of a component key's constituting data[^ecdh-paramters]).
OpenPGP component keys logically consist of an [asymmetric cryptographic keypair](asymmetric_key_pair) and a creation timestamp. These attributes of a component key cannot be changed after creation (in the case of ECDH keys, two additional parameters are part of a component key's constituting data[^ecdh-paramters]).
[^ecdh-paramters]: For [ECDH](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#name-algorithm-specific-part-for-ecd) component keys, two additional algorithm parameters are part of the component key's constituting and immutable properties. Those parameters define a hash function and a symmetric encryption algorithm.
@ -59,7 +59,9 @@ OpenPGP component keys consist of an [asymmetric cryptographic keypair](asymmetr
An OpenPGP component key
```
Component key representations that include private key material also contain metadata that specifies the password protection scheme for the private key material.
Component key representations that include private key material also contain metadata that specifies the password protection scheme for the private key material. However, in this chapter, we're looking at *OpenPGP certificates*, which *don't* contain private key information. Each component key of such a certificate contains only the public part of its cryptographic key data. To read more about private keys in OpenPGP, see {numref}`private_key_chapter`.
#### Fingerprint
For each OpenPGP component key, an *OpenPGP fingerprint* can be derived from the combination of the public key material and creation timestamp (and ECDH parameters, if applicable).