From b73789d1c8e4c831841196c69287a83478f25f54 Mon Sep 17 00:00:00 2001 From: Heiko Schaefer Date: Tue, 7 Nov 2023 20:59:53 +0100 Subject: [PATCH] adjust structure --- book/source/08-signing_components.md | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/book/source/08-signing_components.md b/book/source/08-signing_components.md index 73f07b7..d3b0746 100644 --- a/book/source/08-signing_components.md +++ b/book/source/08-signing_components.md @@ -15,7 +15,9 @@ This chapter adds detail to material we discussed in the {ref}`certificates_chap Separately, signatures on components serve as a central building block for OpenPGP's decentralized authentication functionality. -## Self-signatures: Forming certificates and life-cycle management +## Who signs? + +### Self-signatures: Forming certificates and life-cycle management *Self-signatures* are issued by the certificate's owner, using the primary key of the same certificate. @@ -25,13 +27,13 @@ Signatures on components are also a central mechanism for life-cycle management The **certify others** [key flag](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-key-flags) (`0x01`) is not required in order to issue certifying self-signatures. This key flag is only necessary to issue valid third-party certifications. ``` -## Third-party certifications: Encoding authentication +### Third-party certifications: Encoding authentication Mechanisms for decentralized authentication of identities are one of OpenPGP’s core strengths: Signatures on components by third parties can be used for the authentication of identities. Using OpenPGP signatures, identity claims can be certified by third parties. Similarly, authentication decisions can be delegated using signatures. -## Meaning differs between self- and third-party signatures +### Meaning differs between self- and third-party signatures The meaning of a signature depends in part on who issued it. A self-signature performs a different function than the same type of signature issued by a third party.