diff --git a/book/source/encryption.md b/book/source/encryption.md index 9ec5d76..85e6598 100644 --- a/book/source/encryption.md +++ b/book/source/encryption.md @@ -15,17 +15,14 @@ For an in-depth, packet-level view of encrypted data in OpenPGP, see [](/zoom/en Encryption in OpenPGP is performed in two distinct steps: 1. **Session key transmission**: For each recipient of the message, a packet that contains a protected copy of the session key is generated. -2. **Symmetric encryption**: The actual message is encrypted based on the [*session key*](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-confidentiality-via-encrypt). The (potentially large) ciphertext only needs to be stored once, even if it is sent to multiple recipients. All recipients get access to the same shared *session key* to decrypt the message. +2. **Symmetric encryption**: The actual plaintext message is encrypted based on the [*session key*](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-confidentiality-via-encrypt). The resulting (potentially large) ciphertext only needs to be stored once, even if it is sent to multiple recipients who use different OpenPGP keys. All recipients get access to the same shared *session key* to decrypt the message. ```{note} Above, "plaintext" means one of: -- *Literal Data* packet, -- *Compressed Data* packet or a -- *signed message*. -A *signed message*, in turn, is a packet sequence that either -- resembles an *inline-signed message* (a *Literal Data* packet sandwhiched between one or more *One-Pass-Signature* and their respective *Signature* packets), or a -- *prefixed-signed* message (one or more *Signature* packets followed by a single *Literal Data* packet). +- *{term}`Literal message`*, +- *{term}`Compressed message`*, or +- *{term}`Signed message`*. ``` ## Session key transmission
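Review bot: In the note block, the three new term references (Literal message, Compressed message, Signed message) replace the only inline explanation of what a signed message is, namely the inline-signed and prefixed-signed packet sequences, and the visible diff touches only book/source/encryption.md. Please confirm that glossary entries with exactly these three names exist and that the Signed message entry carries the removed description of both forms, otherwise the references will not resolve and the reader loses that definition. The wording also shifts from "Literal Data packet" and "Compressed Data packet" to "Literal message" and "Compressed message"; if that change from packet to message is intentional, a short mention in the commit message would help, since the rest of the section still speaks in terms of packets. Minor style point: the term role already renders as a link, so the surrounding asterisks on each list item may be redundant.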