mirror of
https://codeberg.org/openpgp/notes.git
synced 2024-11-30 11:32:07 +01:00
26 lines
No EOL
612 B
Markdown
26 lines
No EOL
612 B
Markdown
(decryption_chapter)=
|
|
# Decryption
|
|
|
|
```{admonition} TODO
|
|
:class: warning
|
|
|
|
- using expired certificate?
|
|
- using revoked certificate?
|
|
- using expired subkey?
|
|
- using revoked subkey?
|
|
```
|
|
|
|
## Advanced topics
|
|
|
|
### Selecting decryption key
|
|
|
|
- Trying PKESKs until one works out
|
|
- consider "smart" strategies
|
|
|
|
additional wrinkle: hidden intended decryption key (`gnupg --throw-keyid`)
|
|
|
|
also see:
|
|
|
|
https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#pkesk-notes
|
|
|
|
> An implementation MAY accept or use a Key ID of all zeros, or an omitted key fingerprint, to hide the intended decryption key |