use DKS diagram

Heiko Schaefer 2023-11-27 21:48:16 +01:00
parent 70dd5f859b
commit 7ad240323f
No known key found for this signature in database
GPG key ID: DAE9A9050FCCF1EB

@ -197,6 +197,13 @@ Key attributes, such as capabilities (like *signing* or *encryption*) and expira
It is crucial to note that the components of an OpenPGP certificate remain static after their creation. The use of signatures to store metadata allows for subsequent modifications without altering the original components. For instance, a certificate holder can update the expiration time of a component by issuing a new, superseding signature.
```{figure} diag/Primary_key_metadata.png
:name: fig-primary-metadata
:alt: Depicts a direct key signature, associated with a primary component key.
Metadata can be associated with the primary key using a *direct key signature*
```
### Defining operational capabilities of component keys with key flags
Each component key has a set of ["key flags"](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#key-flags) that delineate the operations a key can perform.
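Review bot: In the added figure block, the `:alt:` text says "primary component key" while the caption says "primary key"; use one term in both so the figure agrees with itself and with the surrounding section, and end the caption with a period like the neighbouring sentences. The alt text currently only restates that a direct key signature is attached to the key; since the paragraph just above is about metadata such as expiration time being carried in signatures, consider having the alt text say which metadata the diagram depicts, so the figure is useful to readers who cannot see the image. The commit message abbreviates the change as "DKS", which is not expanded in any of the visible lines; writing "direct key signature" there would make the history easier to search.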