ch2: feedback from david

Heiko Schaefer 2023-10-04 16:12:25 +02:00
parent 8ca953e39e
commit 810cec05e2
No known key found for this signature in database
GPG key ID: 4A849A1904CCBD7D

@ -4,6 +4,13 @@
OpenPGP is an IETF-standardized set of cryptographic operations. OpenPGP defines mechanisms for authentication of cryptographic identities with a decentralized trust model. OpenPGP is an IETF-standardized set of cryptographic operations. OpenPGP defines mechanisms for authentication of cryptographic identities with a decentralized trust model.
```{admonition} TODO
:class: warning
David points out: this section does not yet constitute a compelling endorsement.
(-> more/better text needed)
```
## A very brief history ## A very brief history
The OpenPGP standard has evolved over time, and remains under active development. The OpenPGP standard has evolved over time, and remains under active development.
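Review bot: The new `{admonition} TODO` block will render as a warning box in the built text, and it records the problem only as "David points out" and "(-> more/better text needed)". Please say in the note itself what the section is missing (for example, which arguments for OpenPGP it should make), or move the reminder to an issue, so that it can be acted on without knowing the original conversation.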
@ -78,13 +85,13 @@ There is [ongoing work](https://datatracker.ietf.org/doc/draft-wussler-openpgp-p
### Certificates/Keys ### Certificates/Keys
Use of OpenPGP is centered around (asymmetric) cryptographic keys. Use of OpenPGP is centered around cryptographic keys.
In OpenPGP, bare cryptographic keys are combined with additional metadata into "OpenPGP certificates," which are a relatively complex data structure (OpenPGP certificates are also often called "OpenPGP keys"). In OpenPGP, bare cryptographic keys are combined with additional metadata into "OpenPGP certificates," which are a relatively complex data structure (OpenPGP certificates are also often called "OpenPGP keys").
An OpenPGP certificate can evolve over time, with components being added, expiring, or being marked as invalid. An OpenPGP certificate can evolve over time, with components being added, expiring, or being marked as invalid.
See the chapter about [certificates](certificates_chapter) for more on OpenPGP certificates, and their internal makeup, and the chapter about [private keys](private_key_chapter) for handling of private key material in OpenPGP. See the chapter about [OpenPGP certificates](certificates_chapter) for details, and internal structure, and the chapter about [private keys](private_key_chapter) for handling of private key material in OpenPGP.
Other important topics around certificates are their management, authentication, and trust models. We will only touch on those, in this document. Other important topics around certificates are their management, authentication, and trust models. We will only touch on those, in this document.
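Review bot: The rewritten cross-reference sentence reads awkwardly at "for details, and internal structure, and the chapter about": the two "and" clauses run together and "internal structure" has lost its referent. Something like "for details on their internal structure, and the chapter about private keys for ..." would read more cleanly. Separately, dropping "(asymmetric)" from the first line leaves "cryptographic keys" unqualified; if that is intentional, fine, but it is worth checking that the sentence still says what kind of keys certificates are built around.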
@ -109,7 +116,9 @@ Historically, interoperability has only been tested in an adhoc manner. Since 20
## Zooming in: Internal structure of OpenPGP data ## Zooming in: Internal structure of OpenPGP data
OpenPGP data is internally structured as "packets." We'll look at examples of this internal structure throughout the following chapters. Familiarizing ourselves with the internal format of OpenPGP data will enable us to more easily debug issues. OpenPGP data is internally structured as "packets." We'll look into examples of this internal structure throughout the following chapters.
Getting familiar with the internal format of OpenPGP data is a good way to get familiar with the [RFC](https://datatracker.ietf.org/doc/draft-ietf-openpgp-crypto-refresh/), and it may also come in handy for debugging issues.
Gaining some familiarity with the internal structure of OpenPGP data will also help us to read the OpenPGP RFC, which describes the internal structure of OpenPGP packets in full detail. Gaining some familiarity with the internal structure of OpenPGP data will also help us to read the OpenPGP RFC, which describes the internal structure of OpenPGP packets in full detail.
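Review bot: The added sentence "Getting familiar with the internal format of OpenPGP data is a good way to get familiar with the RFC" repeats "familiar" within itself and now makes the same point as the unchanged sentence that follows it ("Gaining some familiarity ... will also help us to read the OpenPGP RFC"). Suggest merging the two into one sentence that carries both the link and the debugging remark. Also note that the link labelled "RFC" points at the draft-ietf-openpgp-crypto-refresh datatracker page, so the label should probably say it is a draft.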