There are different implementations of the WoT around, not all of them might use DK sigs as delegations afaik

This commit is contained in:
Paul Schaub 2023-11-27 20:25:05 +01:00
parent a7abea94ee
commit 6700eddaba
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311

View file

@ -62,7 +62,7 @@ The meaning of an OpenPGP signature depends significantly on its issuer. Self-si
In another instance: In another instance:
- *When issued as a self-signature*, a [direct key signature](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-direct-key-signature-type-i) sets preferences and advertises features applicable to the entire certificate. - *When issued as a self-signature*, a [direct key signature](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-direct-key-signature-type-i) sets preferences and advertises features applicable to the entire certificate.
- *When issued by a third party*, especially when it carries a [trust signature](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-trust-signature) subpacket, a similar direct key signature delegates trust to the signed certificate. This designates the signed certificate as a trust root within the issuer's Web of Trust. - *When issued by a third party*, especially when it carries a [trust signature](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-trust-signature) subpacket, a similar direct key signature delegates trust to the signed certificate. This may designate the signed certificate as a trust root within the issuer's Web of Trust.
## Self-signatures in certificate formation and management ## Self-signatures in certificate formation and management