From 4b9c064a8bad876bc07382d98e4fe92007347d73 Mon Sep 17 00:00:00 2001 From: Heiko Schaefer Date: Sat, 25 Nov 2023 15:43:24 +0100 Subject: [PATCH] it seems confusing to imply that bob will necessarily distribute a third-party certification, this is only true some of the time --- book/source/08-signing_components.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/book/source/08-signing_components.md b/book/source/08-signing_components.md index 86318e8..25a4a6e 100644 --- a/book/source/08-signing_components.md +++ b/book/source/08-signing_components.md @@ -207,7 +207,7 @@ Third-party signatures in OpenPGP primarily encode authentication statements for When a signer issues a certifying signature on an identity, it indicates a verified link between the identity and the certificate. That is, the signer vouches for the connection. -For example, Alice can certify Bob's User ID `Bob Baker ` with his certificate `0xB0B`, by creating a certification signature that binds Bob's User ID and Bob's certificate. Bob then distributes Alice's certifying signature as part of his certificate. +For example, Alice can certify Bob's User ID `Bob Baker ` with his certificate `0xB0B`, by creating a certification signature that binds Bob's User ID and Bob's certificate. Bob can then distribute Alice's certifying signature as part of his certificate. Other users may or may not decide to rely on Alice's statement.