mirror of
https://codeberg.org/openpgp/notes.git
synced 2024-11-26 17:42:06 +01:00
remove 'and providing varying levels of security'
This commit is contained in:
parent
0def7f33ae
commit
e6c935eec9
1 changed files with 1 additions and 1 deletions
|
@ -113,7 +113,7 @@ They are formatted as key-value pairs, where the keys are defined as [subpacket
|
||||||
|
|
||||||
### Hashed and unhashed signature subpackets
|
### Hashed and unhashed signature subpackets
|
||||||
|
|
||||||
Signature subpackets within OpenPGP can reside in one of two distinct areas of a signature packet, each serving a different purpose and providing varying levels of security.
|
Signature subpackets within OpenPGP can reside in one of two distinct areas of a signature packet, each serving a different purpose.
|
||||||
|
|
||||||
- **Hashed area**: Hashed subpackets are included in the hash digest of the signature and are thus covered by its cryptographic signature. They reliably express the signer's intent.
|
- **Hashed area**: Hashed subpackets are included in the hash digest of the signature and are thus covered by its cryptographic signature. They reliably express the signer's intent.
|
||||||
- **Unhashed area**: Unhashed subpackets, conversely, are not included in the hash digest for the signature. They are thus not protected against tampering and can be used to retroactively add, change, or remove metadata in a signature packet without affecting its validity. They are primarily used for advisory purposes or in scenarios where the integrity of the subpacket content can be self-authenticated. An example is the issuer fingerprint subpacket, which can be validated through successful signature verification using the referenced issuer key.
|
- **Unhashed area**: Unhashed subpackets, conversely, are not included in the hash digest for the signature. They are thus not protected against tampering and can be used to retroactively add, change, or remove metadata in a signature packet without affecting its validity. They are primarily used for advisory purposes or in scenarios where the integrity of the subpacket content can be self-authenticated. An example is the issuer fingerprint subpacket, which can be validated through successful signature verification using the referenced issuer key.
|
||||||
|
|
Loading…
Reference in a new issue