diff --git a/book/source/04-certificates.md b/book/source/04-certificates.md index 2d856d2..667617d 100644 --- a/book/source/04-certificates.md +++ b/book/source/04-certificates.md @@ -7,9 +7,9 @@ OpenPGP fundamentally hinges on the concept of "OpenPGP certificates," often ref The term "(cryptographic) keys" is central to grasping the concept of OpenPGP certificates. However, it can refer to different entities, making it a potentially confusing term. Let's clarify those differences. -### Private vs. public keys +### Public vs. private keys -First, without additional context, the word "key" can refer either to public, or to private asymmetric key material (or even to symmetric keys, which can be used to encrypt private key material in OpenPGP keys). +The term "key," without additional context, can refer to either public or private asymmetric key material. In asymmetric cryptography, fundamental to the OpenPGP standard, a pair of keys is used: a public key for encryption and a corresponding private key for decryption. The public key is shared openly, allowing others to encrypt data meant for the individual who owns the key pair, while the private key is kept confidential by the key pair owner, ensuring only they can decrypt and access the encrypted data. Additionally, symmetric keys may be used in OpenPGP to encrypt private key material, adding a layer of security and complexity. ### Layers of "keys," in OpenPGP