openpgp-notes/book/source/05-private.md
Heiko Schaefer a1fe545e88
ch4: add a note that the example key isn't password protected
Add link to ch5 for discussion of encrypted private key material.
2023-10-12 14:11:02 +02:00


(private_key_chapter)=

Private keys


- Consistently consider private key material as a separate thing from Certificates? (like in pkcs#11?)

Transferable secret keys

https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#name-transferable-secret-keys

(encrypted_secrets)=

Password protecting secret key material


S2K, symmetric encryption

Private key operations

The core of private key operations doesn't require access to the whole certificate. A private key subsystem only needs to handle the cryptographic key material.
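An added example (not from the original notes or from any OpenPGP library): a minimal packet-framing parser that separates the Secret-Key (tag 5) and Secret-Subkey (tag 7) packets of a transferable secret key from the remaining certificate packets, such as User IDs and signatures. The function names and the sample bytes are constructed for illustration; the packet bodies are placeholders, not real key material.

```python
SECRET_TAGS = {5: "Secret-Key", 7: "Secret-Subkey"}

def read_packets(data: bytes):
    """Yield (tag, body) for each packet in a binary (unarmored) OpenPGP stream."""
    pos = 0
    while pos < len(data):
        ctb = data[pos]
        pos += 1
        if not ctb & 0x80:
            raise ValueError("not an OpenPGP packet header")
        if ctb & 0x40:  # new-format header: tag in the low 6 bits
            tag = ctb & 0x3F
            first = data[pos]
            if first < 192:  # one-octet length
                length, pos = first, pos + 1
            elif first < 224:  # two-octet length
                length = ((first - 192) << 8) + data[pos + 1] + 192
                pos += 2
            elif first == 255:  # five-octet length
                length = int.from_bytes(data[pos + 1:pos + 5], "big")
                pos += 5
            else:
                raise ValueError("partial body length is not used for key packets")
        else:  # old-format header: tag in bits 5-2, length type in bits 1-0
            tag = (ctb >> 2) & 0x0F
            ltype = ctb & 0x03
            if ltype == 3:
                raise ValueError("indeterminate length is not supported here")
            nbytes = 1 << ltype  # 1, 2 or 4 length octets
            length = int.from_bytes(data[pos:pos + nbytes], "big")
            pos += nbytes
        if pos + length > len(data):
            raise ValueError("truncated packet")
        yield tag, data[pos:pos + length]
        pos += length

def split_tsk(data: bytes):
    """Return (secret_packets, certificate_packets) as lists of (tag, body)."""
    secret, cert = [], []
    for tag, body in read_packets(data):
        (secret if tag in SECRET_TAGS else cert).append((tag, body))
    return secret, cert

# Constructed sample: real packet framing, placeholder bodies.
SAMPLE_TSK = (
    bytes([0xC5, 3]) + b"\x06KM"             # new format, tag 5 (Secret-Key)
    + bytes([0xCD, 5]) + b"alice"            # new format, tag 13 (User ID)
    + bytes([0x88, 2]) + b"\x04\x13"         # old format, tag 2 (Signature)
    + bytes([0x9D, 0x00, 0x03]) + b"\x06SK"  # old format, tag 7 (Secret-Subkey)
)
```

Only the packets in the first returned list would need to reach a private key subsystem; the User ID and signature packets stay with the certificate.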

OpenPGP card for private keys

OpenPGP card devices are a type of hardware security device. They are one popular way to handle OpenPGP private key material. These devices do not store the full OpenPGP certificate.

Advanced topics

TSKs: Best practices S2K + S2K migration?

The KOpenPGP attack