vanitasvitae/openpgp-notes
1
0
Fork 0
mirror of https://codeberg.org/openpgp/notes.git synced 2024-11-23 16:12:05 +01:00
Code Issues Projects Releases Packages Wiki Activity
openpgp-notes/book/source/11-decryption.md
Heiko Schaefer c1e6630f9f
ch10/11: outline adjustments 
Move legacy "SED" mode from "encrypt" to "decrypt" chapter
2023-10-04 15:19:12 +02:00

708 B
Raw Blame History

(decryption_chapter)=

Decryption

:class: warning

  - using expired certificate?
  - using revoked certificate?
  - using expired subkey?
  - using revoked subkey?

SEIPD w/ AEAD (v2)

SEIPD (v1)

SED

Legacy mode, may be decrypted, but not produced.

Advanced topics

Selecting decryption key

  • Trying PKESKs until one works out
  • consider "smart" strategies

additional wrinkle: hidden intended decryption key (gnupg --throw-keyid)

also see:

https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#pkesk-notes

An implementation MAY accept or use a Key ID of all zeros, or an omitted key fingerprint, to hide the intended decryption key