vanitasvitae/openpgp-notes
1
0
Fork 0
mirror of https://codeberg.org/openpgp/notes.git synced 2024-11-27 01:52:06 +01:00
Code Issues Projects Releases Packages Wiki Activity

clarify private vs secret in this document

Browse source
This commit is contained in:
Tammi L. Coles 2023-10-13 15:48:49 +02:00 committed by Heiko Schaefer
parent bef3a69be9
commit 773015bdf4
No known key found for this signature in database
GPG key ID: 4A849A1904CCBD7D
1 changed files with 3 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
book/source/03-cryptography.md
View file

@ -69,7 +69,6 @@ By addressing the malleability problem, AEAD also counters a variation of the EF
[^efail]: A variation of the [EFAIL](https://en.wikipedia.org/wiki/EFAIL) attack can be prevented by both the MDC and AEAD mechanisms. Also see ["No, PGP is not broken, not even with the Efail vulnerabilities,"](https://proton.me/blog/pgp-vulnerability-efail) especially the section "Malleability Gadget Exfiltration Channel Attack." [^efail]: A variation of the [EFAIL](https://en.wikipedia.org/wiki/EFAIL) attack can be prevented by both the MDC and AEAD mechanisms. Also see ["No, PGP is not broken, not even with the Efail vulnerabilities,"](https://proton.me/blog/pgp-vulnerability-efail) especially the section "Malleability Gadget Exfiltration Channel Attack."
## Public-key (asymmetric) cryptography ## Public-key (asymmetric) cryptography
[Public-key cryptography](https://en.wikipedia.org/wiki/Public-key_cryptography) uses asymmetric pairs of related keys. Each pair consists of a public key and a private key. These systems support encryption, decryption, and digital signature operations. [Public-key cryptography](https://en.wikipedia.org/wiki/Public-key_cryptography) uses asymmetric pairs of related keys. Each pair consists of a public key and a private key. These systems support encryption, decryption, and digital signature operations.
@ -104,7 +103,9 @@ OpenPGP extensively uses public-key cryptography for encryption and digital sign
```{admonition} Terminology ```{admonition} Terminology
:class: note :class: note
OpenPGP documentation, including the foundational RFC, opts for the term "secret key" over the more commonly used "private key." As a result, you'll encounter the "public/secret key" pairing more frequently than "public/private key." But don't worry; "secret key" and "private key" serve the same purpose in cryptographic operations. This terminology reflects historical preferences in the OpenPGP community, not a difference in technology. OpenPGP documentation, including the foundational RFC, opts for the term "secret key" over the more widely accepted "private key." As a result, in the RFC, you'll encounter the "public/secret key" pairing more frequently than "public/private key." This terminology reflects historical developments in the OpenPGP community, not a difference in technology.
While "secret key" and "private key" serve the same purpose in cryptographic operations, this document will use the more common "public/private" terminology for clarity and consistency with broader cryptographic discussions.
``` ```
### Cryptographic digital signatures ### Cryptographic digital signatures