From be11d61d35bd1e4bbb64e79b6ba0875edb901db4 Mon Sep 17 00:00:00 2001 From: Heiko Schaefer Date: Fri, 15 Sep 2023 17:51:24 +0200 Subject: [PATCH] ch1: minor changes to structure; some clarifications and fixes. --- book/source/01-intro.md | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) diff --git a/book/source/01-intro.md b/book/source/01-intro.md index 7d95c6a..2ffe86a 100644 --- a/book/source/01-intro.md +++ b/book/source/01-intro.md @@ -8,7 +8,7 @@ This text is *not* intended as a guide for end-users of OpenPGP-related software ## What is OpenPGP? -OpenPGP is an open standard for cryptographic operations. OpenPGP supports the secure delivery of files and messages between a sender and a recipient as well as verification of the sender. OpenPGP is an outgrowth of the ["Pretty Good Privacy (PGP)"](https://en.wikipedia.org/wiki/Pretty_Good_Privacy) encryption program and has many widely used and interoperable implementations. +OpenPGP is an open standard for cryptographic operations. It is a system based on well-understood cryptographic building blocks. OpenPGP supports the secure delivery of files and messages between a sender and a recipient as well as verification of the sender. OpenPGP is an outgrowth of the ["Pretty Good Privacy (PGP)"](https://en.wikipedia.org/wiki/Pretty_Good_Privacy) encryption program and has many widely used and interoperable implementations. ```Heiko, let's be sure to create our own page on interoperability instead of linking to this``` @@ -16,31 +16,28 @@ OpenPGP is an open standard for cryptographic operations. OpenPGP supports the s ## Who is the audience for this document? -OpenPGP is a system based on well-understood cryptographic building blocks. Three groups of people interact with OpenPGP: +Three groups of people interact with OpenPGP: 1. End-users, who use software that contains OpenPGP functionality (e.g., the Thunderbird email software) 2. Software developers who build applications that contain OpenPGP functionality -3. Implementers of libraries or software that handles the processing of internal OpenPGP data structures +3. Implementers of OpenPGP libraries (or other software that directly handles the processing of internal OpenPGP data structures) This document is focused on the second group, software developers, who use OpenPGP functionality in their software projects. It describes the properties of the OpenPGP system and its uses. It presupposes solid knowledge of software development concepts and of general cryptographic concepts. Thus, this text describes OpenPGP at the "library-level," teaching concepts that will help software developers get started as a user of any implementation (e.g., OpenPGP JS, Sequoia PGP). ```Heiko, we should elaborate a bit on why here``` -This document is not intended for end-users. It is also not for implementers of libraries or software. +This document is not intended for end-users. It is also not for implementers of OpenPGP libraries (or other software that directly handles internal OpenPGP data structures). ## Why not just use the OpenPGP RFC? The [OpenPGP RFC](https://datatracker.ietf.org/doc/draft-ietf-openpgp-crypto-refresh/) -defines *the message formats used in OpenPGP* to *provide encryption with public-key or symmetric cryptographic algorithms, digital signatures, compression and key management.* +defines *the message formats used in OpenPGP.* That is, it describes the internal structure of OpenPGP data, which is crucial for OpenPGP library implementers. However, this level of detail is not required for software developers who use OpenPGP via a library. -The RFC explains details (what goes where) that are crucial for implementers of software that handle internal OpenPGP data structures. However, it is not as critical for software developers who use OpenPGP through a library. - -This document describes OpenPGP concepts at the "library" level of abstraction, ignoring much about how OpenPGP artifacts are encoded at the lowest level to address common OpenPGP artifacts as they are -currently used. +This document describes OpenPGP concepts at the "library" level of abstraction, omitting unnecessary detail about the internal encoding of OpenPGP artifacts. Instead, we focus on the properties of these OpenPGP artifacts and how they are used, while adding context that is not elaborated on in the RFC. ## Which version of OpenPGP does this address? -The documentation will mainly cover version 4 of OpenPGP, while occasionally noting differences to previous versions that are relevant to application developers. +The documentation will mainly cover version 6 of OpenPGP, while occasionally noting differences to previous versions that are relevant to application developers. Version 4 of OpenPGP will remain relevant for a number of years; some version 3 artifacts are still in use as of this writing. \ No newline at end of file