Note that DKS is preferred in v6

This commit is contained in:
Heiko Schaefer 2023-11-21 12:30:18 +01:00
parent ade8edd697
commit ae2c732730
No known key found for this signature in database
GPG key ID: DAE9A9050FCCF1EB

View file

@ -176,7 +176,7 @@ For example, the capabilities of a component key, such as *signing* or *encrypti
Instead, this kind of metadata is stored as part of the signature packets that join components into an OpenPGP certificate: Instead, this kind of metadata is stored as part of the signature packets that join components into an OpenPGP certificate:
- For the primary key, its key flags and other metadata can be defined in two ways: - For the primary key, its key flags and other metadata can be defined in two ways:
- With a [direct key signature](direct_key_signature) on the primary key, - With a [direct key signature](direct_key_signature) on the primary key (preferred method in OpenPGP version 6),
- or by associating the metadata with the [Primary User ID](primary_user_id). - or by associating the metadata with the [Primary User ID](primary_user_id).
- For subkeys, metadata is defined with the [subkey binding signature](binding_subkeys) that links the subkey to the certificate. - For subkeys, metadata is defined with the [subkey binding signature](binding_subkeys) that links the subkey to the certificate.
- For identity components like User IDs, metadata is associated via the [certifying self-signature](bind_ident) that links the identity to the certificate. - For identity components like User IDs, metadata is associated via the [certifying self-signature](bind_ident) that links the identity to the certificate.