From 6700eddaba6ebb5254f59e6494511b833d650b8c Mon Sep 17 00:00:00 2001 From: Paul Schaub Date: Mon, 27 Nov 2023 20:25:05 +0100 Subject: [PATCH] There are different implementations of the WoT around, not all of them might use DK sigs as delegations afaik --- book/source/08-signing_components.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/book/source/08-signing_components.md b/book/source/08-signing_components.md index ae264a6..be0b7fd 100644 --- a/book/source/08-signing_components.md +++ b/book/source/08-signing_components.md @@ -62,7 +62,7 @@ The meaning of an OpenPGP signature depends significantly on its issuer. Self-si In another instance: - *When issued as a self-signature*, a [direct key signature](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-direct-key-signature-type-i) sets preferences and advertises features applicable to the entire certificate. -- *When issued by a third party*, especially when it carries a [trust signature](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-trust-signature) subpacket, a similar direct key signature delegates trust to the signed certificate. This designates the signed certificate as a trust root within the issuer's Web of Trust. +- *When issued by a third party*, especially when it carries a [trust signature](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-trust-signature) subpacket, a similar direct key signature delegates trust to the signed certificate. This may designate the signed certificate as a trust root within the issuer's Web of Trust. ## Self-signatures in certificate formation and management