mirror of
https://codeberg.org/openpgp/notes.git
synced 2024-11-30 11:32:07 +01:00
a1fe545e88
Add link to ch5 for discussion of encrypted private key material.
1,000 B
1,000 B
(private_key_chapter)=
Private keys
:class: warning
- Consistently consider private key material as a separate thing from Certificates? (like in pkcs#11?)
Transferable secret keys
(encrypted_secrets)=
Password protecting secret key material
:class: warning
S2K, symmetric encryption
Private key operations
The core of private key operations doesn't require access to the whole certificate. A private key subsystem only needs to handle the cryptographic key material.
OpenPGP card for private keys
OpenPGP card devices are a type of hardware security device. They are one popular way to handle OpenPGP private key material. These devices do not store the full OpenPGP certificate.