vanitasvitae/openpgp-notes
1
0
Fork 0
mirror of https://codeberg.org/openpgp/notes.git synced 2024-11-23 08:02:05 +01:00
Code Issues Projects Releases Packages Wiki Activity

adjust structure

Browse source
This commit is contained in:
Heiko Schaefer 2023-11-07 20:59:53 +01:00
parent 0039afd7fd
commit b73789d1c8
No known key found for this signature in database
GPG key ID: DAE9A9050FCCF1EB
1 changed files with 5 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
book/source/08-signing_components.md
View file

@ -15,7 +15,9 @@ This chapter adds detail to material we discussed in the {ref}`certificates_chap
Separately, signatures on components serve as a central building block for OpenPGP's decentralized authentication functionality. Separately, signatures on components serve as a central building block for OpenPGP's decentralized authentication functionality.
## Self-signatures: Forming certificates and life-cycle management ## Who signs?
### Self-signatures: Forming certificates and life-cycle management
*Self-signatures* are issued by the certificate's owner, using the primary key of the same certificate. *Self-signatures* are issued by the certificate's owner, using the primary key of the same certificate.
@ -25,13 +27,13 @@ Signatures on components are also a central mechanism for life-cycle management
The **certify others** [key flag](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-key-flags) (`0x01`) is not required in order to issue certifying self-signatures. This key flag is only necessary to issue valid third-party certifications. The **certify others** [key flag](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-key-flags) (`0x01`) is not required in order to issue certifying self-signatures. This key flag is only necessary to issue valid third-party certifications.
``` ```
## Third-party certifications: Encoding authentication ### Third-party certifications: Encoding authentication
Mechanisms for decentralized authentication of identities are one of OpenPGPs core strengths: Signatures on components by third parties can be used for the authentication of identities. Mechanisms for decentralized authentication of identities are one of OpenPGPs core strengths: Signatures on components by third parties can be used for the authentication of identities.
Using OpenPGP signatures, identity claims can be certified by third parties. Similarly, authentication decisions can be delegated using signatures. Using OpenPGP signatures, identity claims can be certified by third parties. Similarly, authentication decisions can be delegated using signatures.
## Meaning differs between self- and third-party signatures ### Meaning differs between self- and third-party signatures
The meaning of a signature depends in part on who issued it. A self-signature performs a different function than the same type of signature issued by a third party. The meaning of a signature depends in part on who issued it. A self-signature performs a different function than the same type of signature issued by a third party.