mirror of
https://codeberg.org/openpgp/notes.git
synced 2024-11-27 01:52:06 +01:00
ch4: clarify that this chapter deals with "public keys" only
This commit is contained in:
parent
024e96b2b3
commit
2b018c73ee
1 changed files with 4 additions and 2 deletions
|
@ -50,7 +50,7 @@ OpenPGP certificates are typically long-lived and may be changed (typically by t
|
||||||
|
|
||||||
An OpenPGP certificate usually contains multiple OpenPGP component keys.
|
An OpenPGP certificate usually contains multiple OpenPGP component keys.
|
||||||
|
|
||||||
OpenPGP component keys consist of an [asymmetric cryptographic keypair](asymmetric_key_pair) and a creation timestamp. These attributes of a component key cannot be changed after creation (in the case of ECDH keys, two additional parameters are part of a component key's constituting data[^ecdh-paramters]).
|
OpenPGP component keys logically consist of an [asymmetric cryptographic keypair](asymmetric_key_pair) and a creation timestamp. These attributes of a component key cannot be changed after creation (in the case of ECDH keys, two additional parameters are part of a component key's constituting data[^ecdh-paramters]).
|
||||||
|
|
||||||
[^ecdh-paramters]: For [ECDH](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#name-algorithm-specific-part-for-ecd) component keys, two additional algorithm parameters are part of the component key's constituting and immutable properties. Those parameters define a hash function and a symmetric encryption algorithm.
|
[^ecdh-paramters]: For [ECDH](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#name-algorithm-specific-part-for-ecd) component keys, two additional algorithm parameters are part of the component key's constituting and immutable properties. Those parameters define a hash function and a symmetric encryption algorithm.
|
||||||
|
|
||||||
|
@ -59,7 +59,9 @@ OpenPGP component keys consist of an [asymmetric cryptographic keypair](asymmetr
|
||||||
An OpenPGP component key
|
An OpenPGP component key
|
||||||
```
|
```
|
||||||
|
|
||||||
Component key representations that include private key material also contain metadata that specifies the password protection scheme for the private key material.
|
Component key representations that include private key material also contain metadata that specifies the password protection scheme for the private key material. However, in this chapter, we're looking at *OpenPGP certificates*, which *don't* contain private key information. Each component key of such a certificate contains only the public part of its cryptographic key data. To read more about private keys in OpenPGP, see {numref}`private_key_chapter`.
|
||||||
|
|
||||||
|
#### Fingerprint
|
||||||
|
|
||||||
For each OpenPGP component key, an *OpenPGP fingerprint* can be derived from the combination of the public key material and creation timestamp (and ECDH parameters, if applicable).
|
For each OpenPGP component key, an *OpenPGP fingerprint* can be derived from the combination of the public key material and creation timestamp (and ECDH parameters, if applicable).
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue