From 810cec05e23f99ea1437d0c62e2dbab33940405e Mon Sep 17 00:00:00 2001 From: Heiko Schaefer Date: Wed, 4 Oct 2023 16:12:25 +0200 Subject: [PATCH] ch2: feedback from david --- book/source/02-highlevel.md | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/book/source/02-highlevel.md b/book/source/02-highlevel.md index 10682d5..ee5f1a0 100644 --- a/book/source/02-highlevel.md +++ b/book/source/02-highlevel.md @@ -4,6 +4,13 @@ OpenPGP is an IETF-standardized set of cryptographic operations. OpenPGP defines mechanisms for authentication of cryptographic identities with a decentralized trust model. +```{admonition} TODO +:class: warning + +David points out: this section does not yet constitute a compelling endorsement. +(-> more/better text needed) +``` + ## A very brief history The OpenPGP standard has evolved over time, and remains under active development. @@ -78,13 +85,13 @@ There is [ongoing work](https://datatracker.ietf.org/doc/draft-wussler-openpgp-p ### Certificates/Keys -Use of OpenPGP is centered around (asymmetric) cryptographic keys. +Use of OpenPGP is centered around cryptographic keys. In OpenPGP, bare cryptographic keys are combined with additional metadata into "OpenPGP certificates," which are a relatively complex data structure (OpenPGP certificates are also often called "OpenPGP keys"). An OpenPGP certificate can evolve over time, with components being added, expiring, or being marked as invalid. -See the chapter about [certificates](certificates_chapter) for more on OpenPGP certificates, and their internal makeup, and the chapter about [private keys](private_key_chapter) for handling of private key material in OpenPGP. +See the chapter about [OpenPGP certificates](certificates_chapter) for details, and internal structure, and the chapter about [private keys](private_key_chapter) for handling of private key material in OpenPGP. Other important topics around certificates are their management, authentication, and trust models. We will only touch on those, in this document. @@ -109,7 +116,9 @@ Historically, interoperability has only been tested in an adhoc manner. Since 20 ## Zooming in: Internal structure of OpenPGP data -OpenPGP data is internally structured as "packets." We'll look at examples of this internal structure throughout the following chapters. Familiarizing ourselves with the internal format of OpenPGP data will enable us to more easily debug issues. +OpenPGP data is internally structured as "packets." We'll look into examples of this internal structure throughout the following chapters. + +Getting familiar with the internal format of OpenPGP data is a good way to get familiar with the [RFC](https://datatracker.ietf.org/doc/draft-ietf-openpgp-crypto-refresh/), and it may also come in handy for debugging issues. Gaining some familiarity with the internal structure of OpenPGP data will also help us to read the OpenPGP RFC, which describes the internal structure of OpenPGP packets in full detail.