Compare commits

No commits in common. "ffa24596a4e77f25a27df3c12c7fcb350a00ccde" and "ebc7530cdb3f82c9906dbc1d501adf6268417ae7" have entirely different histories.

2 changed files with 10 additions and 16 deletions

View file

@ -32,9 +32,7 @@ Authentication
The term "authentication" here is semantically different from the one used in {term}`Authentication Key Flag`. The term "authentication" here is semantically different from the one used in {term}`Authentication Key Flag`.
Authentication Key Flag Authentication Key Flag
A {term}`Key Flag` which indicates that a {term}`Component Key` can be used to prove control over {term}`private key material` with a challenge-response mechanism. This is typically done to log into a remote system, often using the OpenSSH protocol. A {term}`Key Flag`, which indicates that a {term}`Component Key` can be used to confirm control over {term}`private key material` against a remote system. This is typically done to perform an authorative action, like logging into a system. The term "authentication" here is semantically different from {term}`Authentication`. See [](key-flags).
Note that the term "authentication" is used in a different context here than {term}`Authentication` of {term}`identity claims<identity claim>` that are associated with a {term}`certificate`. See [](key-flags).
Authentication Tag Authentication Tag
See {term}`Message Authentication Code`. See {term}`Message Authentication Code`.
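Review bot: "authorative" in the new Authentication Key Flag text is a typo for "authoritative", and the comma added before "which" turns the defining clause into a non-restrictive one. The rewrite also drops the "challenge-response mechanism" wording, which was the part that said how control over the private key material is shown; consider keeping that phrase even if the OpenSSH mention goes. The merged disambiguation sentence no longer says what the other sense is (authentication of identity claims associated with a certificate), so a short version of the removed note would help.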
@ -51,12 +49,12 @@ Binary Signature
Binding Binding
The process of creating a {term}`Binding Signature` for a {term}`Component`, or the resulting {term}`Binding Signature`. The process of creating a {term}`Binding Signature` for a {term}`Component`, or the resulting {term}`Binding Signature`.
See [](binding-signatures) for more. See {ref}`binding-signatures` for more.
Binding Signature Binding Signature
A {term}`self-signature` on a {term}`component` which associates that {term}`component` to the issuing {term}`component key` in a {term}`certificate<OpenPGP Certificate>`. A {term}`self-signature` on a {term}`component` which associates that {term}`component` to the issuing {term}`component key` in a {term}`certificate<OpenPGP Certificate>`.
See [](binding-signatures) for more. See {ref}`binding-signatures` for more.
CA CA
See {term}`Certification Authority`. See {term}`Certification Authority`.
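Review bot: switching "See [](binding-signatures)" to the {ref} role in the Binding and Binding Signature entries leaves the glossary with two cross-reference styles. The Authentication Key Flag entry in this same change still ends with "See [](key-flags)", and the untouched entries use "[](self-signatures)" and "[](message-authentication-code)". Pick one form for the whole file, or state in the commit message why these targets need the role syntax.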
@ -227,10 +225,6 @@ Identity
Identity Certification Identity Certification
An {term}`OpenPGP Signature Packet` on an {term}`Identity Component` which {term}`certifies<Certification>` its {term}`authenticity<Authentication>`. An {term}`OpenPGP Signature Packet` on an {term}`Identity Component` which {term}`certifies<Certification>` its {term}`authenticity<Authentication>`.
Identity certifications can be issued either:
- by the certificate holder, as a {term}`self-signature`, or
- by a third party, as a {term}`third-party identity certifications<Third-party Identity Certification>`.
Identity Claim Identity Claim
A {term}`Certificate Holder` may use {term}`Identity Components<Identity Component>` or {term}`Notations<Notation>` to state a claim about their {term}`Identity`. A {term}`Certificate Holder` may use {term}`Identity Components<Identity Component>` or {term}`Notations<Notation>` to state a claim about their {term}`Identity`.
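Review bot: removing the list under Identity Certification drops the entry's only links to {term}`self-signature` and Third-party Identity Certification, so the glossary no longer says who can issue one. If the wording was the problem, fix it instead of deleting: "as a ... third-party identity certifications" mixes singular and plural and could read "by a third party, as a third-party identity certification" with the same term target.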
@ -307,7 +301,7 @@ Life-cycle Management
See [](self-signatures). See [](self-signatures).
Literal Data Packet Literal Data Packet
A {term}`packet` which contains the plaintext data of an encrypted and/or signed message. See [RFC 5.9](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#lit) for more details. A packet which contains the plaintext data of an encrypted and/or signed message. See [RFC 5.9](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#lit) for more details.
MAC MAC
See {term}`Message Authentication Code`. See {term}`Message Authentication Code`.
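Review bot: the Literal Data Packet entry loses its {term}`packet` role and now says plain "packet", while the Metadata entry still links {term}`packets<Packet>`. Keep the role so the entry stays connected to the Packet definition. Separately, the unchanged link text "RFC 5.9" points at draft-ietf-openpgp-crypto-refresh-12; naming the draft and section in the link text would be clearer.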
@ -318,10 +312,10 @@ Master Key
Message Authentication Code Message Authentication Code
A piece of information used for integrity and {term}`authenticity<Authentication>` verification of a message. See [](message-authentication-code). A piece of information used for integrity and {term}`authenticity<Authentication>` verification of a message. See [](message-authentication-code).
Meta Introducer Meta-Introducer
An {term}`OpenPGP Certificate` that acts as a {term}`Trusted introducer` and has a {term}`Trust Depth` greater than one. An {term}`OpenPGP Certificate` with a {term}`Trust Depth` greater than one.
A meta introducer can introduce other (meta-) {term}`introducers<Trusted introducer>`. A meta-introducer can introduce other (meta-) introducers.
Metadata Metadata
Data related to preferences of an {term}`OpenPGP Certificate` or its {term}`Certificate Holder`, that can be found in {term}`signature` {term}`packets<Packet>`. See [](metadata-in-certificates). Data related to preferences of an {term}`OpenPGP Certificate` or its {term}`Certificate Holder`, that can be found in {term}`signature` {term}`packets<Packet>`. See [](metadata-in-certificates).
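Review bot: the new Meta-Introducer definition, "An OpenPGP Certificate with a Trust Depth greater than one", no longer says that the certificate acts as a trusted introducer, which is what connects it to the Trusted introducer entry and to the trust depth paragraph in the other file; keep "that acts as a {term}`Trusted introducer`". The second sentence also loses its {term} link on "introducers". The hyphenated spelling itself matches the reference updated in the other file.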
@ -574,7 +568,7 @@ Signature Type
See {term}`OpenPGP Signature Type`. See {term}`OpenPGP Signature Type`.
Signature Type ID Signature Type ID
A numerical identifier for a {term}`Signature Type<OpenPGP Signature Type>`. A numerical identifier for a {term}`Signature Type`.
Signature Verification Signature Verification
In cryptography the mechanism of verification relates to a process in which a claim (i.e., a {term}`signature`) is tested (i.e., using the relevant {term}`components<Component>` of a {term}`certificate`). In cryptography the mechanism of verification relates to a process in which a claim (i.e., a {term}`signature`) is tested (i.e., using the relevant {term}`components<Component>` of a {term}`certificate`).
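Review bot: in Signature Type ID, {term}`Signature Type` now resolves to the Signature Type entry just above it, which only says "See {term}`OpenPGP Signature Type`", so readers need a second hop to reach the definition. The previous explicit target, {term}`Signature Type<OpenPGP Signature Type>`, went straight there; keep it.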
@ -672,7 +666,7 @@ Trust Signature
Trusted introducer Trusted introducer
OpenPGP users can choose to rely on {term}`certifications<Certification>` issued by a third party. The remote party of such a {term}`delegation` is called a "trusted introducer". OpenPGP users can choose to rely on {term}`certifications<Certification>` issued by a third party. The remote party of such a {term}`delegation` is called a "trusted introducer".
See [](delegation) for more details. See {ref}`delegation` for more details.
TSK TSK
See {term}`Transferable Secret Key`. See {term}`Transferable Secret Key`.

View file

@ -241,7 +241,7 @@ OpenPGP uses [*trust signature*](https://www.ietf.org/archive/id/draft-ietf-open
(trust-level)= (trust-level)=
#### Trust depth/level #### Trust depth/level
The "{term}`trust depth`" (or {term}`level<Trust Depth>`) in OpenPGP signifies the extent of transitive {term}`delegation` within the {term}`authentication` process. It determines how far a {term}`delegation` can be extended from the original {term}`trusted introducer` to subsequent intermediaries. Essentially, a {term}`certificate<OpenPGP Certificate>` with a {term}`trust depth` of more than one acts as a "{term}`meta introducer`," facilitating {term}`authentication` decisions across multiple levels in the network. The "{term}`trust depth`" (or {term}`level<Trust Depth>`) in OpenPGP signifies the extent of transitive {term}`delegation` within the {term}`authentication` process. It determines how far a {term}`delegation` can be extended from the original {term}`trusted introducer` to subsequent intermediaries. Essentially, a {term}`certificate<OpenPGP Certificate>` with a {term}`trust depth` of more than one acts as a "{term}`meta-introducer`," facilitating {term}`authentication` decisions across multiple levels in the network.
A {term}`trust depth` of 1 means relying on {term}`certifications<Certification>` made directly by the {term}`trusted introducer`. The user's OpenPGP software will accept {term}`certifications<Certification>` made directly by the {term}`introducer<Trusted Introducer>` for {term}`authenticating<Authentication>` identities. A {term}`trust depth` of 1 means relying on {term}`certifications<Certification>` made directly by the {term}`trusted introducer`. The user's OpenPGP software will accept {term}`certifications<Certification>` made directly by the {term}`introducer<Trusted Introducer>` for {term}`authenticating<Authentication>` identities.
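Review bot: {term}`meta-introducer` in the trust depth paragraph only resolves because the glossary entry is renamed to "Meta-Introducer" in the same change, and this commit touches just two files. Search the rest of the documentation for remaining {term}`meta introducer` references before merging, since they would stop resolving once the glossary term is hyphenated.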