mirror of
https://codeberg.org/openpgp/notes.git
synced 2024-11-30 03:22:06 +01:00
edit 118 to resolve https://codeberg.org/openpgp/notes/pulls/81#issuecomment-1291275
This commit is contained in:
parent
c3d7d5f8b5
commit
e878c637b8
1 changed files with 1 additions and 2 deletions
|
@ -114,8 +114,7 @@ Commonly used key flags include:
|
||||||
- **Authentication**: primarily used for OpenPGP authentication
|
- **Authentication**: primarily used for OpenPGP authentication
|
||||||
|
|
||||||
```{note}
|
```{note}
|
||||||
|
Distinct component keys handle specific operations. The primary key is reserved solely for certification, while separate subkeys are used for signing, encryption, and authentication. Subkeys lack certification capability. Notably, in many algorithms, encryption capability is exclusive and cannot overlap with other operations[^key-flag-sharing]).
|
||||||
In line with best practices, distinct component keys should handle specific operations. The primary key should be reserved solely for certification, while separate subkeys should be used for signing, encryption, and authentication. Notably, in many algorithms, encryption capability is exclusive and cannot overlap with other operations[^key-flag-sharing]).
|
|
||||||
```
|
```
|
||||||
|
|
||||||
[^key-flag-sharing]: With ECC algorithms, it's impossible to combine encryption functions with those intended for signing. For example, ed25519 is specifically used for signing; cv25519 is designated for encryption.
|
[^key-flag-sharing]: With ECC algorithms, it's impossible to combine encryption functions with those intended for signing. For example, ed25519 is specifically used for signing; cv25519 is designated for encryption.
|
||||||
|
|
Loading…
Reference in a new issue