mirror of
https://codeberg.org/openpgp/notes.git
synced 2024-11-25 17:12:06 +01:00
MOST implementations assume only primary-key Certification capable
This commit is contained in:
parent
326f1541cb
commit
d0b4502a4b
1 changed files with 1 additions and 1 deletions
|
@ -52,7 +52,7 @@ Third-party signatures are used to make specific statements:
|
||||||
The **certify others** [key flag](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-key-flags) (`0x01`) is required to issue third-party signatures. By convention[^primary-certification], only the certificate's primary key can hold this key flag.
|
The **certify others** [key flag](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-key-flags) (`0x01`) is required to issue third-party signatures. By convention[^primary-certification], only the certificate's primary key can hold this key flag.
|
||||||
```
|
```
|
||||||
|
|
||||||
[^primary-certification]: Implementations currently assume that only the primary key may hold the "certify others" key flag. However, the RFC doesn't clearly specify this limitation.
|
[^primary-certification]: Most implementations currently assume that only the primary key may hold the "certify others" key flag. However, the RFC doesn't clearly specify this limitation.
|
||||||
|
|
||||||
### Distinct functions of self-signatures and third-party signatures
|
### Distinct functions of self-signatures and third-party signatures
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue