vanitasvitae/openpgp-notes
1
0
Fork 0
mirror of https://codeberg.org/openpgp/notes.git synced 2025-09-10 11:49:40 +02:00
Code Issues Projects Releases Packages Wiki Activity

Edits for clarity, terms, styling

Browse source
This commit is contained in:
Heiko Schaefer 2023-12-10 16:44:13 +01:00
parent d956114e9d
commit 18e0e06ff2
No known key found for this signature in database
GPG key ID: DAE9A9050FCCF1EB
1 changed files with 8 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

12
book/source/15-migration.md
View file

@ -3,26 +3,28 @@ SPDX-FileCopyrightText: 2023 The "Notes on OpenPGP" project
SPDX-License-Identifier: CC-BY-SA-4.0
-->
# Migration from v4 to v6
# Migration from OpenPGP v4 to v6
The OpenPGP protocol has developed over time, and will continue to do so, adapting to new challenges and expectations.
Some of these changes might be subtle, like the addition of a new hash algorithm, while others are more invasive, like a new key format.
Some of these changes might be subtle, like the addition of a new hash algorithm, while others are more invasive, like a new OpenPGP key format.
This makes it necessary to migrate both implementations and existing key material.
This makes it necessary to migrate both implementations and existing user keys and certificates.
In this chapter, we want to explore possible steps to migrate from OpenPGP v4 as defined by RFC4880 to v6 (crypto-refresh).
## Adoption of new features
The new standard introduced a number of new features, which improve security aspects of the protocol.
Some of these features require use of new key material, while others can be adopted by existing key material over time.
Some of these features can only be used with new OpenPGP version 6 keys, and require users to migrate to fresh keys.
Other features can be used with existing OpenPGP version 4 keys, as soon as implementations support the features, and users' certificates reflect that the features are supported by the user's software.
### SEIPD v2
A perfect example for a newly introduced feature that can be applied to existing v4 keys are the new SEIPD v2 packets.
Existing v4 keys can simply announce support for SEIPDv2 via a *Feature* subpacket in a self-signature. This signals to producers that the user's OpenPGP software is capable of handling SEIPDv2.
Existing OpenPGP v4 keys can simply announce support for SEIPD v2 via a *Feature* subpacket in a self-signature. This signals to producers that the user's OpenPGP software is capable of handling SEIPD v2.
(migration_s2k)=
### S2K usage mode AEAD