Commit graph

651 commits

Author SHA1 Message Date
Heiko Schaefer
3235ad49d4
i think the rfc says that generic certifications are commonly used for third party certifications, while this section is about self-signatures 2023-11-28 20:06:24 +01:00
Heiko Schaefer
46f3ee92f5
further clarify 2023-11-28 19:54:15 +01:00
Heiko Schaefer
8719b9deb2
this addition seems mostly distracting to me? 2023-11-28 19:54:14 +01:00
Heiko Schaefer
e59e70939c
clarify certification key flag limitation 2023-11-28 19:37:06 +01:00
Heiko Schaefer
e187175d65
minor edits 2023-11-28 19:36:51 +01:00
5d096959de
Some minor changes to chapter 8 2023-11-27 22:03:21 +01:00
6700eddaba
There are different implementations of the WoT around, not all of them might use DK sigs as delegations afaik 2023-11-27 20:25:05 +01:00
heiko
a7abea94ee Merge pull request 'tammi-ch8' (#145) from tammi-ch8 into draft
Reviewed-on: https://codeberg.org/openpgp/notes/pulls/145
2023-11-25 22:13:57 +00:00
heiko
1a0b26ad91 Merge pull request 'tammi-ch8-heiko' (#150) from tammi-ch8-heiko into tammi-ch8
Reviewed-on: https://codeberg.org/openpgp/notes/pulls/150
2023-11-25 22:13:42 +00:00
Heiko Schaefer
3a921f6528
Merge branch 'draft' into tammi-ch8-heiko
# Conflicts:
#	book/source/08-signing_components.md
2023-11-25 23:09:12 +01:00
Heiko Schaefer
8431dd8e1d
re-instate section structure 2023-11-25 23:05:13 +01:00
Heiko Schaefer
4f179701e3
Merge remote-tracking branch 'origin/liw-ch3-tammi' into draft
# Conflicts:
#	book/source/03-cryptography.md
2023-11-25 23:00:47 +01:00
Tammi L. Coles
f1e6da7e74 try again 2023-11-25 22:53:02 +01:00
Tammi L. Coles
90f2ad9c4f further streamline commit 7f68db756c 2023-11-25 22:15:37 +01:00
Tammi L. Coles
8ab3d359e6 edit to commit 36399d330b 2023-11-25 22:07:07 +01:00
Heiko Schaefer
11542af645
add placeholder "append-only" link target 2023-11-25 20:03:58 +01:00
Heiko Schaefer
dc9e9510d0
ci: codespell fixes 2023-11-25 20:01:26 +01:00
Heiko Schaefer
3130ebee43
Merge branch 'heiko-ch4' into draft
# Conflicts:
#	book/source/04-certificates.md
2023-11-25 19:40:56 +01:00
heiko
001f8ab343 Merge pull request 'ch4: additional edits by heiko on top of tammi's edits in heiko-ch4' (#148) from heiko-ch4-edit2 into heiko-ch4
Reviewed-on: https://codeberg.org/openpgp/notes/pulls/148
2023-11-25 18:35:27 +00:00
Heiko Schaefer
5621dfa79c
avoid using the technical term "key" as a generic word 2023-11-25 19:29:18 +01:00
Heiko Schaefer
b121676a0d
i think "demonstrate" gestures partly in the wrong direction.
much agility is already built in. the point here is not that more agility can be built in on short notice (even though that is also true). but rather that OpenPGP already allows users to make a lot of decisions about which mechanisms to use, right now.
2023-11-25 19:26:55 +01:00
Heiko Schaefer
0a2bccb380
generalize: User Attributes are uncommon, but we should include them 2023-11-25 19:20:42 +01:00
Heiko Schaefer
ee1e9d5396
simplify/clarify section title 2023-11-25 19:20:00 +01:00
Heiko Schaefer
4635d15ece
drop duplication 2023-11-25 18:41:35 +01:00
Heiko Schaefer
111f6cca41
attempt at footnote with more detail on fingerprint uniqueness. the exact content might need more tweaking. 2023-11-25 18:39:02 +01:00
Heiko Schaefer
a431853832
zoom_certificates doesn't talk about private keys (anymore). de-emphasize the packet-level chapter (it's still very unclear to me how many readers should look at those chapters). 2023-11-25 18:24:36 +01:00
Heiko Schaefer
3b0dfd5cd7
move contextualization paragraphs up to the first block 2023-11-25 18:14:45 +01:00
Heiko Schaefer
06c40b0275
i'm uncomfortable offering an explanation for this recommendation
(i don't think security is a concern here. maybe interoperability?)
2023-11-25 17:49:35 +01:00
Heiko Schaefer
43b26012de
minor tweak 2023-11-25 17:46:07 +01:00
Heiko Schaefer
77a0a69d78
clarify language 2023-11-25 17:43:30 +01:00
Heiko Schaefer
993da3ccf4
don't use the generic word "critical" in a context where it has a technical meaning 2023-11-25 17:39:47 +01:00
Heiko Schaefer
887c5bf0e6
remove dangling footnote syntax 2023-11-25 17:32:33 +01:00
Heiko Schaefer
127f36162c
move example texts into diagram notes 2023-11-25 17:32:33 +01:00
Heiko Schaefer
5887bcc880
edit "trust signature" text
- lean on the word "trust" as little as possible
- some clarifications
2023-11-25 17:32:33 +01:00
Tammi L. Coles
8c8cf2ed50 edit commit 02b0785584 on the not-exactly-unique fingerprint 2023-11-25 16:30:54 +01:00
Tammi L. Coles
4a2595c5f7 remove comma in commit e0457bac64 2023-11-25 16:24:09 +01:00
Tammi L. Coles
f0e5c00803 reorganize and structure content to answer commit 992c878fea 2023-11-25 16:17:31 +01:00
Tammi L. Coles
7cb536008b edit commit 451b881c03 2023-11-25 16:03:52 +01:00
Heiko Schaefer
e49d1e69af
clarify certification text
And use Bob's real fingerprint.
2023-11-25 15:57:00 +01:00
Heiko Schaefer
4b9c064a8b
it seems confusing to imply that bob will necessarily distribute a third-party certification, this is only true some of the time 2023-11-25 15:43:24 +01:00
Heiko Schaefer
a3b5e263e3
add missing space 2023-11-25 15:36:40 +01:00
Tammi L. Coles
018a6107c1 edit to commit 441936eb98 2023-11-25 15:33:34 +01:00
Heiko Schaefer
5f694e8c23
clarification: "append" implies "stored at the end of a file." this is not generally true for these two cases.
I now realize that this is weird: we're claiming that certificates are "append only". However, the meaning of that term, in OpenPGP is ... not about the location of additions. Rather it just means "we only get to add packets, not remove them". Regardless of packet order.
2023-11-25 15:11:17 +01:00
Heiko Schaefer
5faec16cb8
Improve on original text: "Elements" encompass both "components" and "signatures." Regarding malicious addition, we care about both.
Additionally, "typically" reads confusingly weak to me, erring on the side of "maybe too strong" with "will" seems better.
2023-11-25 14:56:17 +01:00
Heiko Schaefer
97e413a3dd
in our text, this fingerprint represents Alice's certificate (and isn't an example) 2023-11-25 14:53:00 +01:00
Heiko Schaefer
cdbf15e49a
clarify how the back signature is embedded 2023-11-25 14:47:34 +01:00
Heiko Schaefer
a9c8e138fe
add "cert-flooding" link anchor 2023-11-25 14:19:37 +01:00
Heiko Schaefer
e05f104974
clarify enumeration of legitimate unbound packets
This is supposed to be a list of legitimate uses. I've removed the elaboration of the flooding problem, and replaced it with a link to an elaboration in ch4.
2023-11-25 14:16:30 +01:00
Tammi L. Coles
d49cf0b713 Edit commit 6f609c7f88 2023-11-25 14:12:09 +01:00
Tammi L. Coles
a914e60fa3 edit metadata capabilities of commit c6888559f5 2023-11-25 13:59:35 +01:00