mirror of
https://codeberg.org/openpgp/notes.git
synced 2024-11-22 23:52:05 +01:00
adjust structure
This commit is contained in:
parent
0039afd7fd
commit
b73789d1c8
1 changed files with 5 additions and 3 deletions
|
@ -15,7 +15,9 @@ This chapter adds detail to material we discussed in the {ref}`certificates_chap
|
||||||
|
|
||||||
Separately, signatures on components serve as a central building block for OpenPGP's decentralized authentication functionality.
|
Separately, signatures on components serve as a central building block for OpenPGP's decentralized authentication functionality.
|
||||||
|
|
||||||
## Self-signatures: Forming certificates and life-cycle management
|
## Who signs?
|
||||||
|
|
||||||
|
### Self-signatures: Forming certificates and life-cycle management
|
||||||
|
|
||||||
*Self-signatures* are issued by the certificate's owner, using the primary key of the same certificate.
|
*Self-signatures* are issued by the certificate's owner, using the primary key of the same certificate.
|
||||||
|
|
||||||
|
@ -25,13 +27,13 @@ Signatures on components are also a central mechanism for life-cycle management
|
||||||
The **certify others** [key flag](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-key-flags) (`0x01`) is not required in order to issue certifying self-signatures. This key flag is only necessary to issue valid third-party certifications.
|
The **certify others** [key flag](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-key-flags) (`0x01`) is not required in order to issue certifying self-signatures. This key flag is only necessary to issue valid third-party certifications.
|
||||||
```
|
```
|
||||||
|
|
||||||
## Third-party certifications: Encoding authentication
|
### Third-party certifications: Encoding authentication
|
||||||
|
|
||||||
Mechanisms for decentralized authentication of identities are one of OpenPGP’s core strengths: Signatures on components by third parties can be used for the authentication of identities.
|
Mechanisms for decentralized authentication of identities are one of OpenPGP’s core strengths: Signatures on components by third parties can be used for the authentication of identities.
|
||||||
|
|
||||||
Using OpenPGP signatures, identity claims can be certified by third parties. Similarly, authentication decisions can be delegated using signatures.
|
Using OpenPGP signatures, identity claims can be certified by third parties. Similarly, authentication decisions can be delegated using signatures.
|
||||||
|
|
||||||
## Meaning differs between self- and third-party signatures
|
### Meaning differs between self- and third-party signatures
|
||||||
|
|
||||||
The meaning of a signature depends in part on who issued it. A self-signature performs a different function than the same type of signature issued by a third party.
|
The meaning of a signature depends in part on who issued it. A self-signature performs a different function than the same type of signature issued by a third party.
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue