MOST implementations assume only primary-key Certification capable

Paul Schaub 2023-11-28 22:13:20 +01:00
parent 326f1541cb
commit d0b4502a4b
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311

@ -52,7 +52,7 @@ Third-party signatures are used to make specific statements:
The **certify others** [key flag](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-key-flags) (`0x01`) is required to issue third-party signatures. By convention[^primary-certification], only the certificate's primary key can hold this key flag.
```
[^primary-certification]: Implementations currently assume that only the primary key may hold the "certify others" key flag. However, the RFC doesn't clearly specify this limitation.
[^primary-certification]: Most implementations currently assume that only the primary key may hold the "certify others" key flag. However, the RFC doesn't clearly specify this limitation.
### Distinct functions of self-signatures and third-party signatures
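
Review bot: the footnote now reads "Most implementations", but the body sentence in the unchanged context line above it still says "only the certificate's primary key can hold this key flag", which reads as absolute even with "By convention" in front. The softened footnote and the body now disagree in strength; consider rewording the body along the lines of "by convention, typically only the certificate's primary key holds this key flag" so a reader does not take it as a hard rule. Separately, "the RFC" in the footnote is ambiguous next to a link to draft-ietf-openpgp-crypto-refresh-12; naming the document that is meant would let readers check the claim that the limitation is not clearly specified.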