mirror of
https://codeberg.org/openpgp/notes.git
synced 2024-11-22 15:42:06 +01:00
use DKS diagram
This commit is contained in:
Heiko Schaefer
parent
70dd5f859b
commit
7ad240323f
1 changed files with 7 additions and 0 deletions
|
|
@ -197,6 +197,13 @@ Key attributes, such as capabilities (like *signing* or *encryption*) and expira
|
||||||
|
|
||||||
It is crucial to note that the components of an OpenPGP certificate remain static after their creation. The use of signatures to store metadata allows for subsequent modifications without altering the original components. For instance, a certificate holder can update the expiration time of a component by issuing a new, superseding signature.
|
It is crucial to note that the components of an OpenPGP certificate remain static after their creation. The use of signatures to store metadata allows for subsequent modifications without altering the original components. For instance, a certificate holder can update the expiration time of a component by issuing a new, superseding signature.
|
||||||
|
|
||||||
|
```{figure} diag/Primary_key_metadata.png
|
||||||
|
:name: fig-primary-metadata
|
||||||
|
:alt: Depicts a direct key signature, associated with a primary component key.
|
||||||
|
|
||||||
|
Metadata can be associated with the primary key using a *direct key signature*
|
||||||
|
```
|
||||||
|
|
||||||
### Defining operational capabilities of component keys with key flags
|
### Defining operational capabilities of component keys with key flags
|
||||||
|
|
||||||
Each component key has a set of ["key flags"](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#key-flags) that delineate the operations a key can perform.
|
Each component key has a set of ["key flags"](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#key-flags) that delineate the operations a key can perform.
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue