From a3cf766492e0e7fdbdc400ce2c7101e1e7d95831 Mon Sep 17 00:00:00 2001 From: Heiko Schaefer Date: Wed, 1 Nov 2023 18:44:07 +0100 Subject: [PATCH 1/8] Reorder text --- book/source/01-intro.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/book/source/01-intro.md b/book/source/01-intro.md index a83cda4..9f00051 100644 --- a/book/source/01-intro.md +++ b/book/source/01-intro.md @@ -31,7 +31,9 @@ Three groups of people interact with OpenPGP: 2. Software developers who build applications that contain OpenPGP functionality 3. Implementers of OpenPGP libraries (or other software that directly handles the processing of internal OpenPGP data structures) -This document is focused on the second group, application developers, who use OpenPGP functionality in their software projects. It describes the properties of the OpenPGP system and its uses. It presupposes solid knowledge of software development concepts and of general cryptographic concepts. Thus, this text describes OpenPGP at the "library-level," teaching concepts that will help software developers get started as a user of any implementation (e.g., [OpenPGP.js](https://openpgpjs.org/), [Sequoia-PGP](https://sequoia-pgp.org/)). +This document is not intended for end-users or implementers of OpenPGP libraries (or other software that directly handles internal OpenPGP data structures). + +Instead, this document is focused on the second group, application developers, who use OpenPGP functionality in their software projects. It describes the properties of the OpenPGP system and its uses. It presupposes solid knowledge of software development concepts and of general cryptographic concepts. Thus, this text describes OpenPGP at the "library-level," teaching concepts that will help software developers get started as a user of any implementation (e.g., [OpenPGP.js](https://openpgpjs.org/), [Sequoia-PGP](https://sequoia-pgp.org/)). ```{admonition} TODO :class: warning @@ -48,8 +50,6 @@ arguments: - all of this together: it's now easier than ever to add openpgp functionality to applications, and the updated standard brings the cryptographic building blocks up to the state of the art ``` -This document is not intended for end-users. It is also not for implementers of OpenPGP libraries (or other software that directly handles internal OpenPGP data structures). - ## Why not just use the OpenPGP RFC? The [OpenPGP RFC](https://datatracker.ietf.org/doc/draft-ietf-openpgp-crypto-refresh/) From 22b05ed942a826fd385d87d442f27f96cabadecb Mon Sep 17 00:00:00 2001 From: Heiko Schaefer Date: Wed, 1 Nov 2023 19:00:33 +0100 Subject: [PATCH 2/8] Motivation text for this document --- book/source/01-intro.md | 15 ++------------- 1 file changed, 2 insertions(+), 13 deletions(-) diff --git a/book/source/01-intro.md b/book/source/01-intro.md index 9f00051..cda982f 100644 --- a/book/source/01-intro.md +++ b/book/source/01-intro.md @@ -35,20 +35,9 @@ This document is not intended for end-users or implementers of OpenPGP libraries Instead, this document is focused on the second group, application developers, who use OpenPGP functionality in their software projects. It describes the properties of the OpenPGP system and its uses. It presupposes solid knowledge of software development concepts and of general cryptographic concepts. Thus, this text describes OpenPGP at the "library-level," teaching concepts that will help software developers get started as a user of any implementation (e.g., [OpenPGP.js](https://openpgpjs.org/), [Sequoia-PGP](https://sequoia-pgp.org/)). -```{admonition} TODO -:class: warning +With the emergence of a new crop of modern, high-quality, OpenPGP libraries, and the imminent release of the updated [OpenPGP version 6 specification](https://datatracker.ietf.org/doc/draft-ietf-openpgp-crypto-refresh/), we think that now is a great time to implement OpenPGP functionality in applications, or to modernize existing OpenPGP subsystems. -Heiko, we should elaborate a bit on why here - -arguments: - -- standardized cryptographic system -- long history, broard support -- lately: many high-quality, modern, library implementations (in the past there were no good ways to integrate openpgp into applications) -- the new version of the standard is almost ready, defining a modernized version 6 of the protocol - -- all of this together: it's now easier than ever to add openpgp functionality to applications, and the updated standard brings the cryptographic building blocks up to the state of the art -``` +We aim to offer an implementation-independent introduction to the OpenPGP technology, to help software developers get their bearings more quickly. The text is also intended as a stepping stone to more easily locate relevant information in the RFC, when necessary. ## Why not just use the OpenPGP RFC? From 53473b025c42b474433f9092787116e8b31b5c4f Mon Sep 17 00:00:00 2001 From: Heiko Schaefer Date: Wed, 1 Nov 2023 19:43:07 +0100 Subject: [PATCH 3/8] Remove redundancy --- book/source/01-intro.md | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/book/source/01-intro.md b/book/source/01-intro.md index cda982f..8c65f77 100644 --- a/book/source/01-intro.md +++ b/book/source/01-intro.md @@ -13,15 +13,13 @@ This text is *not* intended as a guide for end-users of OpenPGP-related software ## What is OpenPGP? -OpenPGP is an open standard for cryptographic operations. It is a system based on well-understood cryptographic building blocks. OpenPGP supports the secure delivery of files and messages between a sender and a recipient as well as verification of the sender. OpenPGP is an outgrowth of the ["Pretty Good Privacy (PGP)"](https://en.wikipedia.org/wiki/Pretty_Good_Privacy) encryption program and has many widely used and [interoperable implementations](interop_section). +OpenPGP is an open standard for cryptographic operations. It is a system based on well-understood [cryptographic building blocks](cyrptography_chapter). OpenPGP supports the secure delivery of files and messages between a sender and a recipient. It also addresses identities and their verification. OpenPGP is an outgrowth of the ["Pretty Good Privacy (PGP)"](https://en.wikipedia.org/wiki/Pretty_Good_Privacy) encryption program and has many widely used and [interoperable implementations](interop_section). With OpenPGP, you can: - [Encrypt](encryption_chapter) and [decrypt](decryption_chapter) messages - [Sign](signing_data) and [verify](verification_chapter) data -- [Issue certifications and examine statements](component_signatures_chapter) about keys and identities, similar to the role of a Certificate Authority in validating identities. - -To enable these operations, OpenPGP utilizes a set of [established cryptographic mechanisms](cyrptography_chapter). These building blocks are integrated into OpenPGP's standard, which also addresses identities and their verification. +- [Issue and validate certifications](component_signatures_chapter) about keys and identities, similar to the role of a Certificate Authority in validating identities. ## Who is the audience for this document? From 75ac101a407c33aa2eaac66288b91cc8063115a5 Mon Sep 17 00:00:00 2001 From: Heiko Schaefer Date: Wed, 1 Nov 2023 19:47:57 +0100 Subject: [PATCH 4/8] Introduce terms: confidentiality and authenticity --- book/source/01-intro.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/book/source/01-intro.md b/book/source/01-intro.md index 8c65f77..2ddce83 100644 --- a/book/source/01-intro.md +++ b/book/source/01-intro.md @@ -17,8 +17,8 @@ OpenPGP is an open standard for cryptographic operations. It is a system based o With OpenPGP, you can: -- [Encrypt](encryption_chapter) and [decrypt](decryption_chapter) messages -- [Sign](signing_data) and [verify](verification_chapter) data +- [Encrypt](encryption_chapter) and [decrypt](decryption_chapter) messages to achieve confidentiality +- [Sign](signing_data) and [verify](verification_chapter) data to ensure authenticity - [Issue and validate certifications](component_signatures_chapter) about keys and identities, similar to the role of a Certificate Authority in validating identities. ## Who is the audience for this document? From f6bcc532115ac3ec81ad67226f93a117e8e92e61 Mon Sep 17 00:00:00 2001 From: Heiko Schaefer Date: Wed, 1 Nov 2023 20:36:44 +0100 Subject: [PATCH 5/8] Fix tense --- book/source/01-intro.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/book/source/01-intro.md b/book/source/01-intro.md index 2ddce83..75b9c3f 100644 --- a/book/source/01-intro.md +++ b/book/source/01-intro.md @@ -46,7 +46,7 @@ This document describes OpenPGP concepts at the "library" level of abstraction, ## Which version of OpenPGP does this address? -The documentation will mainly cover version 6 of OpenPGP, while occasionally noting differences to previous versions that are relevant to application developers. +The documentation mainly covers version 6 of OpenPGP, while occasionally noting differences to previous versions that are relevant to application developers. Version 4 of OpenPGP will remain relevant for a number of years; some version 3 artifacts are still in use as of this writing. \ No newline at end of file From 94ef48bdee68e90d9fa594d49fa8f127f233d075 Mon Sep 17 00:00:00 2001 From: "Tammi L. Coles" Date: Fri, 3 Nov 2023 12:16:27 +0100 Subject: [PATCH 6/8] edit https://codeberg.org/openpgp/notes/commit/3ca2bc552937ce40188cd21bded937bdf01f2403 --- book/source/01-intro.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/book/source/01-intro.md b/book/source/01-intro.md index 75b9c3f..b478f7d 100644 --- a/book/source/01-intro.md +++ b/book/source/01-intro.md @@ -33,9 +33,9 @@ This document is not intended for end-users or implementers of OpenPGP libraries Instead, this document is focused on the second group, application developers, who use OpenPGP functionality in their software projects. It describes the properties of the OpenPGP system and its uses. It presupposes solid knowledge of software development concepts and of general cryptographic concepts. Thus, this text describes OpenPGP at the "library-level," teaching concepts that will help software developers get started as a user of any implementation (e.g., [OpenPGP.js](https://openpgpjs.org/), [Sequoia-PGP](https://sequoia-pgp.org/)). -With the emergence of a new crop of modern, high-quality, OpenPGP libraries, and the imminent release of the updated [OpenPGP version 6 specification](https://datatracker.ietf.org/doc/draft-ietf-openpgp-crypto-refresh/), we think that now is a great time to implement OpenPGP functionality in applications, or to modernize existing OpenPGP subsystems. +With the emergence of a new crop of modern, high-quality OpenPGP libraries, and the imminent release of the updated [OpenPGP version 6 specification](https://datatracker.ietf.org/doc/draft-ietf-openpgp-crypto-refresh/), we think that now is a great time to implement OpenPGP functionality in applications or to modernize existing OpenPGP subsystems. -We aim to offer an implementation-independent introduction to the OpenPGP technology, to help software developers get their bearings more quickly. The text is also intended as a stepping stone to more easily locate relevant information in the RFC, when necessary. +The goal of this document is to offer an implementation-independent introduction to the OpenPGP technology, assisting software developers in quickly familiarizing themselves and serving as a pathway to relevant information in the RFC. ## Why not just use the OpenPGP RFC? From 661beb75e421dfdba3b5504aee24062770b621d0 Mon Sep 17 00:00:00 2001 From: "Tammi L. Coles" Date: Fri, 3 Nov 2023 12:18:34 +0100 Subject: [PATCH 7/8] correct spelling in https://codeberg.org/openpgp/notes/commit/be01588cce2cb5f0f803da83049e38d07a301c40 --- book/source/01-intro.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/book/source/01-intro.md b/book/source/01-intro.md index b478f7d..02bd158 100644 --- a/book/source/01-intro.md +++ b/book/source/01-intro.md @@ -13,7 +13,7 @@ This text is *not* intended as a guide for end-users of OpenPGP-related software ## What is OpenPGP? -OpenPGP is an open standard for cryptographic operations. It is a system based on well-understood [cryptographic building blocks](cyrptography_chapter). OpenPGP supports the secure delivery of files and messages between a sender and a recipient. It also addresses identities and their verification. OpenPGP is an outgrowth of the ["Pretty Good Privacy (PGP)"](https://en.wikipedia.org/wiki/Pretty_Good_Privacy) encryption program and has many widely used and [interoperable implementations](interop_section). +OpenPGP is an open standard for cryptographic operations. It is a system based on well-understood [cryptographic building blocks](cryptography_chapter). OpenPGP supports the secure delivery of files and messages between a sender and a recipient. It also addresses identities and their verification. OpenPGP is an outgrowth of the ["Pretty Good Privacy (PGP)"](https://en.wikipedia.org/wiki/Pretty_Good_Privacy) encryption program and has many widely used and [interoperable implementations](interop_section). With OpenPGP, you can: From 8bb4baeff75fe5f6edd371e2bd4fc4f5230dd89a Mon Sep 17 00:00:00 2001 From: "Tammi L. Coles" Date: Fri, 3 Nov 2023 12:20:58 +0100 Subject: [PATCH 8/8] change verb in https://codeberg.org/openpgp/notes/commit/ef7a9956e4d09ea942061f9576f6419693af7f12 --- book/source/01-intro.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/book/source/01-intro.md b/book/source/01-intro.md index 02bd158..4554a6b 100644 --- a/book/source/01-intro.md +++ b/book/source/01-intro.md @@ -17,7 +17,7 @@ OpenPGP is an open standard for cryptographic operations. It is a system based o With OpenPGP, you can: -- [Encrypt](encryption_chapter) and [decrypt](decryption_chapter) messages to achieve confidentiality +- [Encrypt](encryption_chapter) and [decrypt](decryption_chapter) messages to preserve confidentiality - [Sign](signing_data) and [verify](verification_chapter) data to ensure authenticity - [Issue and validate certifications](component_signatures_chapter) about keys and identities, similar to the role of a Certificate Authority in validating identities.