From 18e0e06ff2930add6ce194ce0e7e8b2743580dd6 Mon Sep 17 00:00:00 2001 From: Heiko Schaefer Date: Sun, 10 Dec 2023 16:44:13 +0100 Subject: [PATCH] Edits for clarity, terms, styling --- book/source/15-migration.md | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/book/source/15-migration.md b/book/source/15-migration.md index 8750986..82aa2d2 100644 --- a/book/source/15-migration.md +++ b/book/source/15-migration.md 
@@ -3,26 +3,28 @@ SPDX-FileCopyrightText: 2023 The "Notes on OpenPGP" project SPDX-License-Identifier: CC-BY-SA-4.0 --> -# Migration from v4 to v6 +# Migration from OpenPGP v4 to v6 The OpenPGP protocol has developed over time, and will continue to do so, adapting to new challenges and expectations. -Some of these changes might be subtle, like the addition of a new hash algorithm, while others are more invasive, like a new key format. +Some of these changes might be subtle, like the addition of a new hash algorithm, while others are more invasive, like a new OpenPGP key format. -This makes it necessary to migrate both implementations and existing key material. +This makes it necessary to migrate both implementations and existing user keys and certificates. In this chapter, we want to explore possible steps to migrate from OpenPGP v4 as defined by RFC4880 to v6 (crypto-refresh). ## Adoption of new features The new standard introduced a number of new features, which improve security aspects of the protocol. -Some of these features require use of new key material, while others can be adopted by existing key material over time. +Some of these features can only be used with new OpenPGP version 6 keys, and require users to migrate to fresh keys. + +Other features can be used with existing OpenPGP version 4 keys, as soon as implementations support the features, and users' certificates reflect that the features are supported by the user's software. ### SEIPD v2 -A perfect example for a newly introduced feature that can be applied to existing v4 keys are the new SEIPDv2 packets. +A perfect example for a newly introduced feature that can be applied to existing v4 keys are the new SEIPD v2 packets. -Existing v4 keys can simply announce support for SEIPDv2 via a *Feature* subpacket in a self-signature. This signals to producers that the user's OpenPGP software is capable of handling SEIPDv2. 
+Existing OpenPGP v4 keys can simply announce support for SEIPD v2 via a *Feature* subpacket in a self-signature. This signals to producers that the user's OpenPGP software is capable of handling SEIPD v2. (migration_s2k)= ### S2K usage mode AEAD
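Review bot: In the SEIPD v2 section, the last added line still says "Existing OpenPGP v4 keys can simply announce support", while the new paragraph under "Adoption of new features" says it is the users' certificates that reflect feature support. Since the announcement is carried in a self-signature, "certificates" would keep the terminology consistent with the rest of this change. On the same line, the subpacket is named "Features" in the specification, so "*Features* subpacket" is the better spelling. The line above it, "A perfect example for a newly introduced feature ... are the new SEIPD v2 packets", has a singular subject with a plural verb; "A perfect example of a newly introduced feature ... is the new SEIPD v2 packet" reads correctly. Two smaller style points: the added paragraph mixes "users' certificates" with "the user's software", and the hunk now uses "OpenPGP version 6 keys", "OpenPGP v4 keys" and plain "v4 keys" side by side; picking one form throughout would match the commit's stated goal.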