Commit graph

602 commits

Author SHA1 Message Date
326f1541cb
missing 'key' 2023-11-28 22:11:30 +01:00
Heiko Schaefer
e3c76587e3
revert to the original plural 2023-11-28 20:59:52 +01:00
Heiko Schaefer
dda95bdc15
minor edit 2023-11-28 20:59:51 +01:00
Heiko Schaefer
3d82292858
this seems helpful and non-obvious to me? 2023-11-28 20:19:34 +01:00
Heiko Schaefer
ac61a0ca55
generalize to include user attributes 2023-11-28 20:16:09 +01:00
Heiko Schaefer
71df26b237
I feel that this addition is more confusing than helpful, here?
(We're not introducing the term in this meaning, anywhere, as far as i can tell)
2023-11-28 20:14:55 +01:00
Heiko Schaefer
3235ad49d4
i think the rfc says that generic certifications are commonly used for third party certifications, while this section is about self-signatures 2023-11-28 20:06:24 +01:00
Heiko Schaefer
46f3ee92f5
further clarify 2023-11-28 19:54:15 +01:00
Heiko Schaefer
8719b9deb2
this addition seems mostly distracting to me? 2023-11-28 19:54:14 +01:00
Heiko Schaefer
e59e70939c
clarify certification key flag limitation 2023-11-28 19:37:06 +01:00
Heiko Schaefer
e187175d65
minor edits 2023-11-28 19:36:51 +01:00
5d096959de
Some minor changes to chapter 8 2023-11-27 22:03:21 +01:00
6700eddaba
There are different implementations of the WoT around, not all of them might use DK sigs as delegations afaik 2023-11-27 20:25:05 +01:00
Heiko Schaefer
3a921f6528
Merge branch 'draft' into tammi-ch8-heiko
# Conflicts:
#	book/source/08-signing_components.md
2023-11-25 23:09:12 +01:00
Heiko Schaefer
8431dd8e1d
re-instate section structure 2023-11-25 23:05:13 +01:00
Heiko Schaefer
4f179701e3
Merge remote-tracking branch 'origin/liw-ch3-tammi' into draft
# Conflicts:
#	book/source/03-cryptography.md
2023-11-25 23:00:47 +01:00
Tammi L. Coles
f1e6da7e74 try again 2023-11-25 22:53:02 +01:00
Tammi L. Coles
90f2ad9c4f further streamline commit 7f68db756c 2023-11-25 22:15:37 +01:00
Tammi L. Coles
8ab3d359e6 edit to commit 36399d330b 2023-11-25 22:07:07 +01:00
Heiko Schaefer
11542af645
add placeholder "append-only" link target 2023-11-25 20:03:58 +01:00
Heiko Schaefer
dc9e9510d0
ci: codespell fixes 2023-11-25 20:01:26 +01:00
Heiko Schaefer
3130ebee43
Merge branch 'heiko-ch4' into draft
# Conflicts:
#	book/source/04-certificates.md
2023-11-25 19:40:56 +01:00
Heiko Schaefer
5621dfa79c
avoid using the technical term "key" as a generic word 2023-11-25 19:29:18 +01:00
Heiko Schaefer
b121676a0d
i think "demonstrate" gestures partly in the wrong direction.
much agility is already built in. the point here is not that more agility can be built in on short notice (even though that is also true). but rather that OpenPGP already allows users to make a lot of decisions about which mechanisms to use, right now.
2023-11-25 19:26:55 +01:00
Heiko Schaefer
0a2bccb380
generalize: User Attributes are uncommon, but we should include them 2023-11-25 19:20:42 +01:00
Heiko Schaefer
ee1e9d5396
simplify/clarify section title 2023-11-25 19:20:00 +01:00
Heiko Schaefer
4635d15ece
drop duplication 2023-11-25 18:41:35 +01:00
Heiko Schaefer
111f6cca41
attempt at footnote with more detail on fingerprint uniqueness. the exact content might need more tweaking. 2023-11-25 18:39:02 +01:00
Heiko Schaefer
a431853832
zoom_certificates doesn't talk about private keys (anymore). de-emphasize the packet-level chapter (it's still very unclear to me how many readers should look at those chapters). 2023-11-25 18:24:36 +01:00
Heiko Schaefer
3b0dfd5cd7
move contextualization paragraphs up to the first block 2023-11-25 18:14:45 +01:00
Heiko Schaefer
06c40b0275
i'm uncomfortable offering an explanation for this recommendation
(i don't think security is a concern here. maybe interoperability?)
2023-11-25 17:49:35 +01:00
Heiko Schaefer
43b26012de
minor tweak 2023-11-25 17:46:07 +01:00
Heiko Schaefer
77a0a69d78
clarify language 2023-11-25 17:43:30 +01:00
Heiko Schaefer
993da3ccf4
don't use the generic word "critical" in a context where it has a technical meaning 2023-11-25 17:39:47 +01:00
Heiko Schaefer
887c5bf0e6
remove dangling footnote syntax 2023-11-25 17:32:33 +01:00
Heiko Schaefer
127f36162c
move example texts into diagram notes 2023-11-25 17:32:33 +01:00
Heiko Schaefer
5887bcc880
edit "trust signature" text
- lean on the word "trust" as little as possible
- some clarifications
2023-11-25 17:32:33 +01:00
Tammi L. Coles
8c8cf2ed50 edit commit 02b0785584 on the not-exactly-unique fingerprint 2023-11-25 16:30:54 +01:00
Tammi L. Coles
4a2595c5f7 remove comma in commit e0457bac64 2023-11-25 16:24:09 +01:00
Tammi L. Coles
f0e5c00803 reorganize and structure content to answer commit 992c878fea 2023-11-25 16:17:31 +01:00
Tammi L. Coles
7cb536008b edit commit 451b881c03 2023-11-25 16:03:52 +01:00
Heiko Schaefer
e49d1e69af
clarify certification text
And use Bob's real fingerprint.
2023-11-25 15:57:00 +01:00
Heiko Schaefer
4b9c064a8b
it seems confusing to imply that bob will necessarily distribute a third-party certification, this is only true some of the time 2023-11-25 15:43:24 +01:00
Heiko Schaefer
a3b5e263e3
add missing space 2023-11-25 15:36:40 +01:00
Tammi L. Coles
018a6107c1 edit to commit 441936eb98 2023-11-25 15:33:34 +01:00
Heiko Schaefer
5f694e8c23
clarification: "append" implies "stored at the end of a file." this is not generally true for these two cases.
I now realize that this is weird: we're claiming that certificates are "append only". However, the meaning of that term, in OpenPGP is ... not about the location of additions. Rather it just means "we only get to add packets, not remove them". Regardless of packet order.
2023-11-25 15:11:17 +01:00
Heiko Schaefer
5faec16cb8
Improve on original text: "Elements" encompass both "components" and "signatures." Regarding malicious addition, we care about both.
Additionally, "typically" reads confusingly weak to me, erring on the side of "maybe too strong" with "will" seems better.
2023-11-25 14:56:17 +01:00
Heiko Schaefer
97e413a3dd
in our text, this fingerprint represents Alice's certificate (and isn't an example) 2023-11-25 14:53:00 +01:00
Heiko Schaefer
cdbf15e49a
clarify how the back signature is embedded 2023-11-25 14:47:34 +01:00
Heiko Schaefer
a9c8e138fe
add "cert-flooding" link anchor 2023-11-25 14:19:37 +01:00