diff --git a/book/source/17-zoom_certificates.md b/book/source/17-zoom_certificates.md index d4d123a..6d35cd3 100644 --- a/book/source/17-zoom_certificates.md +++ b/book/source/17-zoom_certificates.md @@ -172,7 +172,7 @@ Note that the *Public-Key packet* contains only the public part of the key. The next packet in the certificate is a [*Direct Key Signature*](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#sigtype-direct-key), which plays a crucial role in binding specific information to the primary key. This signature is contained within the file `alice.pub-1--Signature`. -This packet binds the information within the signature subpackets with the primary key. Each entry under "Signature Packet -> Hashed area" is one signature subpacket, for example, including information about algorithm preferences (*symmetric algorithm preference* and *hash algorithm preferences*). +This packet binds the data within the signature subpackets with the primary key. Each entry under "Signature Packet -> Hashed area" represents one signature subpacket, providing essential information such as algorithm preferences, including *symmetric algorithm preference* and *hash algorithm preferences*. ```text Signature Packet, new CTB, 2 header bytes + 182 bytes @@ -242,18 +242,23 @@ Signature Packet, new CTB, 2 header bytes + 182 bytes 000000b0 54 01 f9 5f 81 41 90 0e ``` -Let’s look at the packet field by field: +Let’s examine the packet field by field: -- `CTB: 0xc2`: The Packet type ID for this packet. Bits 7 and 6 show that the packet is in “OpenPGP packet format” (as opposed to in “Legacy packet format”). The remaining 6 bits encode the type ID’s value: “2.” This is the value for a Signature packet. -- `length: 0xb6`: The remaining length of this packet. +- `CTB: 0xc2`: This field indicates the Packet type ID for this packet. Bits 7 and 6 show that the packet is in “OpenPGP packet format.” The remaining 6 bits encode the type ID’s value, which is “2” for a Signature packet. -The packet type ID defines the semantics of the remaining data in the packet. We're looking at a [Signature packet](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#signature-packet), so the following data is interpreted accordingly. +The packet type ID (`0xc2`) defines the semantics of the remaining data in the packet. In this case, as it indicates a [Signature packet](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#signature-packet), the following data is specific to this signature type. -- `version: 0x06`: This is a version 6 signature (some of the following packet format is specific to this signature version). -- `type: 0x1f`: The [Signature Type](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#name-signature-types) -- `pk_algo: 0x1b`: Public-key algorithm ID (decimal 27, corresponds to [Ed25519](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#name-public-key-algorithms)) -- `hash_algo: 0x0a`: Hash algorithm ID (decimal 10, corresponds to [SHA2-512](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#name-hash-algorithms)) -- `hashed_area_len: 0x0000003d`: Length of the following hashed subpacket data +- `length: 0xb6`: This field shows the remaining length of this packet. + +- `version: 0x06`: This is a version 6 signature. + +- `type: 0x1f`: This indicates the [Signature Type](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#name-signature-types). + +- `pk_algo: 0x1b`: This specifies the Public-Key algorithm ID. In this case, decimal 27 corresponds to [Ed25519](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#name-public-key-algorithms)). + +- `hash_algo: 0x0a`: This specifies the hash algorithm ID. In this case, decimal 10 corresponds to [SHA2-512](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#name-hash-algorithms)). + +- `hashed_area_len: 0x0000003d`: This specifies the length of the following hashed subpacket data. The next part of this packet contains hashed subpacket data. A subpacket data set in an OpenPGP Signature contains a list of zero or more Signature subpackets.