vanitasvitae/openpgp-notes
1
0
Fork 0
mirror of https://codeberg.org/openpgp/notes.git synced 2024-11-22 07:32:05 +01:00
Code Issues Projects Releases Packages Wiki Activity

ch4: new text about preferences/features

Browse source
This commit is contained in:
Heiko Schaefer 2023-11-14 23:39:23 +01:00
parent c6888559f5
commit 6f609c7f88
No known key found for this signature in database
GPG key ID: DAE9A9050FCCF1EB
1 changed files with 18 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
book/source/04-certificates.md
View file

@ -207,11 +207,25 @@ Notably, in many algorithms, encryption and signing-related functionalities (i.e
### Algorithm preferences and feature signaling
```{admonition} TODO
:class: warning
OpenPGP has a lot of ["cryptographic agility"](https://en.wikipedia.org/wiki/Cryptographic_agility). That is, OpenPGP doesn't just use one fixed set of algorithms, but defines a suite of cryptographic primitives that users (or their applications) can pick from.
Write a section about algorithm preference/feature signaling
```
This agility has the advantage that adoption of new cryptographic primitives into the standard is relatively easy, and can be done without disruption. Users can gradually migrate to using new cryptographic mechanisms.
However, it also means that OpenPGP software needs to figure out which mechanisms a set of communication partners can handle and prefers. To do this, there are a number of mechanisms in OpenPGP that can be negotiated between sender and recipient. The sender interprets the preferences of the recipient:
- [Preferred Hash Algorithms](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#preferred-hashes-subpacket)
- [Preferred Symmetric Ciphers for v1 SEIPD](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#preferred-v1-seipd)
- [Preferred AEAD Ciphersuites](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#preferred-v2-seipd)
- [Features](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#features-subpacket)
- [Preferred Compression Algorithms](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#preferred-compression-subpacket)
In addition to these explicitly expressed preferences, implementations also deduce capabilities of communication partners based on the OpenPGP version of the certificate that they write to.
#### User ID-specific preferences
As a starting point, a certificate has a set of preferences that apply generally. These are defined either in a direct key signature, or via the primary User ID of the certificate.
Additionally, OpenPGP allows modeling User ID-specific preferences. The idea is that a user may prefer a different suite of algorithms on their private email account compared to their work email account. Such identity-specific preferences can be expressed on the certifying signatures that bind User IDs to a certificate.
## Revocations