Heiko Schaefer
3235ad49d4
i think the rfc says that generic certifications are commonly used for third party certifications, while this section is about self-signatures
2023-11-28 20:06:24 +01:00
Heiko Schaefer
46f3ee92f5
further clarify
2023-11-28 19:54:15 +01:00
Heiko Schaefer
8719b9deb2
this addition seems mostly distracting to me?
2023-11-28 19:54:14 +01:00
Heiko Schaefer
e59e70939c
clarify certification key flag limitation
2023-11-28 19:37:06 +01:00
Heiko Schaefer
e187175d65
minor edits
2023-11-28 19:36:51 +01:00
5d096959de
Some minor changes to chapter 8
2023-11-27 22:03:21 +01:00
6700eddaba
There are different implementations of the WoT around, not all of them might use DK sigs as delegations afaik
2023-11-27 20:25:05 +01:00
heiko
a7abea94ee
Merge pull request 'tammi-ch8' ( #145 ) from tammi-ch8 into draft
...
Reviewed-on: https://codeberg.org/openpgp/notes/pulls/145
2023-11-25 22:13:57 +00:00
heiko
1a0b26ad91
Merge pull request 'tammi-ch8-heiko' ( #150 ) from tammi-ch8-heiko into tammi-ch8
...
Reviewed-on: https://codeberg.org/openpgp/notes/pulls/150
2023-11-25 22:13:42 +00:00
Heiko Schaefer
3a921f6528
Merge branch 'draft' into tammi-ch8-heiko
...
# Conflicts:
# book/source/08-signing_components.md
2023-11-25 23:09:12 +01:00
Heiko Schaefer
8431dd8e1d
re-instate section structure
2023-11-25 23:05:13 +01:00
Heiko Schaefer
4f179701e3
Merge remote-tracking branch 'origin/liw-ch3-tammi' into draft
...
# Conflicts:
# book/source/03-cryptography.md
2023-11-25 23:00:47 +01:00
Tammi L. Coles
f1e6da7e74
try again
2023-11-25 22:53:02 +01:00
Tammi L. Coles
90f2ad9c4f
further streamline commit 7f68db756c
2023-11-25 22:15:37 +01:00
Tammi L. Coles
8ab3d359e6
edit to commit 36399d330b
2023-11-25 22:07:07 +01:00
Heiko Schaefer
11542af645
add placeholder "append-only" link target
2023-11-25 20:03:58 +01:00
Heiko Schaefer
dc9e9510d0
ci: codespell fixes
2023-11-25 20:01:26 +01:00
Heiko Schaefer
3130ebee43
Merge branch 'heiko-ch4' into draft
...
# Conflicts:
# book/source/04-certificates.md
2023-11-25 19:40:56 +01:00
heiko
001f8ab343
Merge pull request 'ch4: additional edits by heiko on top of tammi's edits in heiko-ch4
' ( #148 ) from heiko-ch4-edit2 into heiko-ch4
...
Reviewed-on: https://codeberg.org/openpgp/notes/pulls/148
2023-11-25 18:35:27 +00:00
Heiko Schaefer
5621dfa79c
avoid using the technical term "key" as a generic word
2023-11-25 19:29:18 +01:00
Heiko Schaefer
b121676a0d
i think "demonstrate" gestures partly in the wrong direction.
...
much agility is already built in. the point here is not that more agility can be built in on short notice (even though that is also true). but rather that OpenPGP already allows users to make a lot of decisions about which mechanisms to use, right now.
2023-11-25 19:26:55 +01:00
Heiko Schaefer
0a2bccb380
generalize: User Attributes are uncommon, but we should include them
2023-11-25 19:20:42 +01:00
Heiko Schaefer
ee1e9d5396
simplify/clarify section title
2023-11-25 19:20:00 +01:00
Heiko Schaefer
4635d15ece
drop duplication
2023-11-25 18:41:35 +01:00
Heiko Schaefer
111f6cca41
attempt at footnote with more detail on fingerprint uniqueness. the exact content might need more tweaking.
2023-11-25 18:39:02 +01:00
Heiko Schaefer
a431853832
zoom_certificates doesn't talk about private keys (anymore). de-emphasize the packet-level chapter (it's still very unclear to me how many readers should look at those chapters).
2023-11-25 18:24:36 +01:00
Heiko Schaefer
3b0dfd5cd7
move contextualization paragraphs up to the first block
2023-11-25 18:14:45 +01:00
Heiko Schaefer
06c40b0275
i'm uncomfortable offering an explanation for this recommendation
...
(i don't think security is a concern here. maybe interoperability?)
2023-11-25 17:49:35 +01:00
Heiko Schaefer
43b26012de
minor tweak
2023-11-25 17:46:07 +01:00
Heiko Schaefer
77a0a69d78
clarify language
2023-11-25 17:43:30 +01:00
Heiko Schaefer
993da3ccf4
don't use the generic word "critical" in a context where it has a technical meaning
2023-11-25 17:39:47 +01:00
Heiko Schaefer
887c5bf0e6
remove dangling footnote syntax
2023-11-25 17:32:33 +01:00
Heiko Schaefer
127f36162c
move example texts into diagram notes
2023-11-25 17:32:33 +01:00
Heiko Schaefer
5887bcc880
edit "trust signature" text
...
- lean on the word "trust" as little as possible
- some clarifications
2023-11-25 17:32:33 +01:00
Tammi L. Coles
8c8cf2ed50
edit commit 02b0785584
on the not-exactly-unique fingerprint
2023-11-25 16:30:54 +01:00
Tammi L. Coles
4a2595c5f7
remove comma in commit e0457bac64
2023-11-25 16:24:09 +01:00
Tammi L. Coles
f0e5c00803
reorganize and structure content to answer commit 992c878fea
2023-11-25 16:17:31 +01:00
Tammi L. Coles
7cb536008b
edit commit 451b881c03
2023-11-25 16:03:52 +01:00
Heiko Schaefer
e49d1e69af
clarify certification text
...
And use Bob's real fingerprint.
2023-11-25 15:57:00 +01:00
Heiko Schaefer
4b9c064a8b
it seems confusing to imply that bob will necessarily distribute a third-party certification, this is only true some of the time
2023-11-25 15:43:24 +01:00
Heiko Schaefer
a3b5e263e3
add missing space
2023-11-25 15:36:40 +01:00
Tammi L. Coles
018a6107c1
edit to commit 441936eb98
2023-11-25 15:33:34 +01:00
Heiko Schaefer
5f694e8c23
clarification: "append" implies "stored at the end of a file." this is not generally true for these two cases.
...
I now realize that this is weird: we're claiming that certificates are "append only". However, the meaning of that term, in OpenPGP is ... not about the location of additions. Rather it just means "we only get to add packets, not remove them". Regardless of packet order.
2023-11-25 15:11:17 +01:00
Heiko Schaefer
5faec16cb8
Improve on original text: "Elements" encompass both "components" and "signatures." Regarding malicious addition, we care about both.
...
Additionally, "typically" reads confusingly weak to me, erring on the side of "maybe too strong" with "will" seems better.
2023-11-25 14:56:17 +01:00
Heiko Schaefer
97e413a3dd
in our text, this fingerprint represents Alice's certificate (and isn't an example)
2023-11-25 14:53:00 +01:00
Heiko Schaefer
cdbf15e49a
clarify how the back signature is embedded
2023-11-25 14:47:34 +01:00
Heiko Schaefer
a9c8e138fe
add "cert-flooding" link anchor
2023-11-25 14:19:37 +01:00
Heiko Schaefer
e05f104974
clarify enumeration of legitimate unbound packets
...
This is supposed to be a list of legitimate uses. I've removed the elaboration of the flooding problem, and replaced it with a link to an elaboration in ch4.
2023-11-25 14:16:30 +01:00
Tammi L. Coles
d49cf0b713
Edit commit 6f609c7f88
2023-11-25 14:12:09 +01:00
Tammi L. Coles
a914e60fa3
edit metadata capabilities of commit c6888559f5
2023-11-25 13:59:35 +01:00