mirror of
https://codeberg.org/openpgp/notes.git
synced 2024-11-27 01:52:06 +01:00
edit key flags in part
This commit is contained in:
parent
e7bf063c92
commit
bec23c73f7
1 changed files with 7 additions and 3 deletions
|
@ -108,21 +108,25 @@ Subkeys have the same structural attributes as the primary key but fulfill a dif
|
||||||
OpenPGP certificates can contain multiple subkeys.
|
OpenPGP certificates can contain multiple subkeys.
|
||||||
```
|
```
|
||||||
|
|
||||||
### Key flags: defining which operations a component key can perform
|
#### Defining operational capabilities with Key Flags
|
||||||
|
|
||||||
```{admonition} Warning
|
```{admonition} Warning
|
||||||
Let's decide whether the capitalization of F is necessary.
|
Let's decide whether the capitalization of F is necessary.
|
||||||
```
|
```
|
||||||
|
|
||||||
Each component key has a set of ["Key Flags"](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#key-flags) that specify which operations that key can perform.
|
Each component key has a set of ["Key Flags"](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#key-flags) that delineate the operations a key can perform.
|
||||||
|
|
||||||
The commonly used key flags are:
|
Commonly used key flags are:
|
||||||
|
|
||||||
- **C**ertification (issuing third-party certifications)
|
- **C**ertification (issuing third-party certifications)
|
||||||
- **S**igning (signing data)
|
- **S**igning (signing data)
|
||||||
- **E**ncryption (encrypting data)
|
- **E**ncryption (encrypting data)
|
||||||
- **A**uthentication (commonly used for OpenPGP authentication)
|
- **A**uthentication (commonly used for OpenPGP authentication)
|
||||||
|
|
||||||
|
```{admonition} Warning
|
||||||
|
Accessibility. Is the bolding of C, S, E, A compatible with screenreaders? Is it worth the effort?
|
||||||
|
```
|
||||||
|
|
||||||
By convention, only the primary key is allowed to perform "certification" operations. All other operations can be configured on either the primary key or a subkey.
|
By convention, only the primary key is allowed to perform "certification" operations. All other operations can be configured on either the primary key or a subkey.
|
||||||
|
|
||||||
```{note}
|
```{note}
|
||||||
|
|
Loading…
Reference in a new issue