vanitasvitae/openpgp-notes
1
0
Fork 0
mirror of https://codeberg.org/openpgp/notes.git synced 2024-11-23 08:02:05 +01:00
Code Issues Projects Releases Packages Wiki Activity

edit key flags in part

Browse source
This commit is contained in:
Tammi L. Coles 2023-10-19 19:16:11 +02:00 committed by Heiko Schaefer
parent 17e0efb421
commit b484018f41
No known key found for this signature in database
GPG key ID: 4A849A1904CCBD7D
1 changed files with 7 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
book/source/04-certificates.md
View file

@ -108,21 +108,25 @@ Subkeys have the same structural attributes as the primary key but fulfill a dif
OpenPGP certificates can contain multiple subkeys.
```
### Key flags: defining which operations a component key can perform
#### Defining operational capabilities with Key Flags
```{admonition} Warning
Let's decide whether the capitalization of F is necessary.
```
Each component key has a set of ["Key Flags"](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#key-flags) that specify which operations that key can perform.
Each component key has a set of ["Key Flags"](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#key-flags) that delineate the operations a key can perform.
The commonly used key flags are:
Commonly used key flags are:
- **C**ertification (issuing third-party certifications)
- **S**igning (signing data)
- **E**ncryption (encrypting data)
- **A**uthentication (commonly used for OpenPGP authentication)
```{admonition} Warning
Accessibility. Is the bolding of C, S, E, A compatible with screenreaders? Is it worth the effort?
```
By convention, only the primary key is allowed to perform "certification" operations. All other operations can be configured on either the primary key or a subkey.
```{note}