ch10: outline

book/source/10-encryption.md

@@ -1,11 +1,33 @@
 (encryption_chapter)=
 # Encryption
 
-```
-  - High Level overview of the message encryption process
-    - SED vs. SEIPD (v1) vs. SEIPD w/ AEAD (v2)
-  - Encrypt for multiple/single subkey per certificate?
-  - "Negotiating" algorithms based on recipients preference subpackets
-    - Prevent "downgrade" -> Policy
-  - Implications of how a recipient cert is "addressed" (fingerprint/key-ID vs. user-ID) (preferences, expiration, revocation)
-```
+[Encryption](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#section-2.1) is one of the core facilities of OpenPGP. It provides confidentiality.
+
+## High-Level overview of the message encryption process
+
+Core concept:
+
+- The plaintext is encrypted with a symmetric "session key."
+- The "session key" itself is stored in encrypted form, possibly multiple times:
+  - The session key is encrypted to the encryption keys of each intended recipient of the message.
+  - Alternatively, or additionally, the session key may be encrypted using a passphrase (this mode of operation doesn't require any OpenPGP certificates.)
+
+## Generations of encryption
+
+### SEIPD w/ AEAD (v2)
+
+### SEIPD (v1)
+
+### SED
+
+## Advanced topics
+
+### Encrypt for multiple/single subkey per certificate?
+
+### "Negotiating" algorithms based on recipients preference subpackets
+
+#### Prevent "downgrade" -> Policy
+
+### Implications of how a recipient cert is "addressed" (fingerprint/key-ID vs. user-ID) (preferences, expiration, revocation)
+
+## Zooming in: Package structure and internals