vanitasvitae/openpgp-notes
1
0
Fork 0
mirror of https://codeberg.org/openpgp/notes.git synced 2025-09-09 11:19:41 +02:00
Code Issues Projects Releases Packages Wiki Activity

Merge branch '09-verification' into draft

Browse source
This commit is contained in:
Heiko Schaefer 2023-12-05 13:42:23 +01:00
commit 28dd67d7f7
No known key found for this signature in database
GPG key ID: DAE9A9050FCCF1EB
18 changed files with 533 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

2
.reuse/dep5
View file

@ -7,7 +7,7 @@ Files: book/source/diag/*.png book/source/diag/*.svg
Copyright: 2023 The "Notes on OpenPGP" project
License: CC-BY-SA-4.0
Files: book/source/mermaid/*.png
Files: book/source/drawio/* book/input/09-sigtree.md book/source/mermaid/*.png
Copyright: 2023 The "Notes on OpenPGP" project
License: CC-BY-SA-4.0

2
book/.codespellrc
View file

@ -2,4 +2,4 @@
# SPDX-License-Identifier: CC0-1.0
[codespell]
skip = ./build,./source/diag/*.svg
skip = ./build,./input,./source/diag/*.svg

1
book/Makefile
View file

@ -41,6 +41,7 @@ html-watch:
codespell:
@$(PRINTF) "The following change suggestions are only warnings! (Please don't fix them)\n"
@$(CODESPELL) source/diag || true
@$(CODESPELL) input/ || true
@$(PRINTF) "The following change suggestions are errors!\n"
@$(CODESPELL) .

23
book/input/09-sigtree.md Normal file
View file

@ -0,0 +1,23 @@
```{mermaid}
flowchart TD
subgraph Certificate
pk["Primary Key"]
uid["#quot;Alice #lt;alice@example.org#gt;#quot;"]
sk["Signing Subkey"]
usig(["PositiveCertification
PrimaryUserID: true"])
dksig(["DirectKeySignature"])
sksig(["SubkeyBindingSignature
KeyFlags: Sign Data
EmbeddedSignature: BackSignature"])
pk --- usig --> uid
dksig --> pk --- dksig
pk --- sksig --> sk
end
ds(["Data Signature"])
data("Data")
sk --- ds --> data
```

244
book/source/09-verification.md
View file

@ -4,12 +4,248 @@ SPDX-License-Identifier: CC-BY-SA-4.0
-->
(verification_chapter)=
# Verification
# Signature verification
- Self-authenticating data (unhashed subpackets)
Signature verification in the OpenPGP protocol is a complex process.
Many factors influence the validity of a signature.
Firstly, its expiration date: A signature can be valid at one point in time and expired a second later.
Signatures can be invalid due to the absence or presence of other signatures (e.g., revocations).
Some signatures can be verified standalone, while others require the verification of a chain-like structure of signatures, mostly within the issuer's certificate.
## When are signatures valid?
- Validity as a tree of signatures
As a necessary condition, a valid signature must be [cryptographically correct](sig-verify). This means that both the signature and its signed input data must be intact.
## Which signatures take precedence?
However, there is a difference between signature *correctness* and *validity*:
A signature may be cryptographically correct, but still not qualify as a *valid* signature.
Put mathematically, the set of valid signatures is a subset of the set of correct signatures.
The validity of a correct signature is additionally constrained by a number of conditions:
* **Well-formedness**: Signature packets need to be well-formed. This means that they must contain suitable signature metadata (this includes: the required signature subpackets must be present in the proper subpacket area). The signature metadata must not contain unknown critical subpackets or unknown critical notations[^unknown-critical]. Some implementations additionally apply a policy that constrains accepted hash algorithms, cryptographic algorithms, and key strengths.
* **Temporal validity**: Most signatures have a limited validity period, constrained by the signature creation- and expiration time.
* **Qualification**: Furthermore, some signatures need to be *qualified* by other valid signatures in order to be considered valid. This is especially the case with signatures created by dedicated signing subkeys, where, in addition to the signature itself, the subkeys binding signature(s) must be verified.
* **Revocation**: Lastly, signatures can be invalidated by revocations.
[^unknown-critical]: Note that this implies that a signature might be considered valid by one implementation and be rejected by another, based on the set of subpackets and notations each implementation is aware of.
## Well-formedness of signatures
There are a number of criteria that a signature must fulfill to be considered well-formed:
- Each signature MUST have a signature creation time subpacket in its hashed subpacket area. A signature with only an unhashed creation time - or none at all - is not well-formed.
- The signature cannot be older than the component key that issued it.
- Analogously, a signature with a creation time in the future needs to be rejected as well.
- A well-formed signature needs to carry an Issuer Fingerprint subpacket, or an Issuer KeyID subpacket. It is generally recommended to place Issuer subpackets in the hashed area of the signature, but a receiving implementation may also accept signatures which only contain unhashed copies of these subpackets.
- A signature disqualifies as well-formed if it contains subpackets which are marked as critical, but unknown to the receiving implementation. Unknown subpackets which are not marked as critical do not have an effect on whether the signature is well-formed.
- The same applies to notations. Unknown notations that are marked as critical render the signature malformed.
(temporal-validity)=
## Temporal validity
A signature is valid only for a constrained period of time:
- The creation time of the signature acts as a lower bound for the validity. A signature only becomes valid at its creation time. Hard revocation signatures are an exception: They are by definition valid at any point in time, and have no lower temporal bound.
- If present, the signature's expiration time acts as a natural upper bound for its validity.
When checking a signature for validity, a reference time is used. The validity of the signature is evaluated at that reference time.
The reference time can be:
- the current time during validation, or
- another point in time that is significant to the signature that is validated. For example, when checking the signature of an email, the reference time might be the signature creation time, or the time of receipt of the email.
For the signature to qualify as valid, it needs to be in effect. In other words, the reference time must fall into the period between signature creation and signature expiration.
The same reference time must be used when verifying required qualifying signatures, if any.
## Self-qualifying and non-self-qualifying signatures
Some signatures can be verified on their own, while others require the verification of additional signatures on the issuer certificate. We will call the former category *self-qualifying* signatures.
Typically, self-qualifying signatures are self-signatures, meaning signatures issued by an OpenPGP primary key for the components in its certificate.
Examples for self-qualifying signatures are:
- direct key self-signatures (`0x1F`),
- User ID self-certifications (`0x10`-`0x13`),
- key-revocation self-signatures (`0x20`),
- certification revocation self-signatures (`0x30`) or
- self-signatures used to bind or revoke subkeys (`0x18`, `0x19`, `0x28`).
Examples for signatures which are not self-qualifying are:
- data signatures (`0x00`, `0x01`) and
- signatures issued over third-party certificates, such as:
- third-party direct key signatures (`0x1F`),
- third-party key-revocations (`0x20`),
- third-party certification (`0x10`-`0x13`), or
- third-party certification revocation signatures (`0x30`).
## Signature qualification
To verify non-self-qualifying signatures, it is necessary to look at more than just the signature itself.
This is required because the issuing component key needs to be qualified to create such a signature (e.g., because a specific capability key flag is required). The qualification typically emerges via a self-signature on the key itself.
In short, a chain of valid signatures from the signature itself to the primary key of the issuer certificate needs to be established.
For example, a data signature over an email body may be issued by a subkey only if that subkey is validly bound to the issuer's certificate via a subkey binding signature. That binding signature needs to contain a *key flags* subpacket that marks the subkey as *signing* capable.
Similarly, certification signatures over third-party certificates require the issuer key to carry a valid self-signature with the *certification* key flag.
Self-qualifying signatures have no such limitations.
For example, a certificate consisting only of a primary key and a single key-revocation self-signature contains everything needed to verify the revocation, as key-revocation self-signatures are self-qualifying.
This construct is referred to as a [revocation certificate](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-openpgp-v6-revocation-certi).
On the other hand, to verify a data signature over a text document, an implementation needs to verify not only the data signature itself, but also the binding signature (and back-signature) of the signing subkey which qualifies the signing subkey.
```{figure} mermaid/09-sigtree.png
:name: fig-signature-verification-signature-tree
:alt: Depicts a diagrammatic representation of a certificate and a data signature. Arrows between the primary key and other components of the certificate show, how signatures bind the certificate together. In this example, they form a tree of signatures, which all need to be verified in order for the data signature to be valid.
Tree of signatures that qualify a data signature
```
## Revocations
A signature can be *disqualified* by the presence of a revocation signature.
Revocations can be limited in scope, e.g., a subkey-revocation signature only revokes a single subkey.
Moreover, revocations can also be constrained to a certain validity period by including a soft revocation reason and expiration time in the revocation signature.
```{admonition} TODO
:class: warning
Give guidance which revocations need to be considered for different types of signatures
```
## Advanced topics
### Attribute shadowing
When determining the preferences of a key, several signatures may have to be inspected.
For example, when using a signing subkey to generate a data signature, an implementation might want to check for hash algorithm preferences on the subkey binding signature.
However, the RFC [states](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#section-5.2.3.10-2) that signature subpackets in a direct key signature (which may also contain preferences) on the OpenPGP certificate's primary key apply to the entire OpenPGP key, and therefore also to the signing subkey.
In this case, the implementation uses the preferences from the subkey binding signature, but if no such subpacket is found on the latest binding signature, it falls back to the preferences from the direct key signature.
This is called attribute shadowing, since direct key signature subpackets apply to all subkeys, but are shadowed by binding signature subpackets.
```{figure} drawio/attribute-shadowing.png
:name: fig-signature-verification-attribute-shadowing
:alt: Depicts a certificate with to dedicated signing subkeys and a subkey binding signature each. The primary key carries a direct-key signature, which specifies SHA-512 and SHA-256 as hash algorithm preferences. The binding signature of the first signing subkey does not specify preferences, while the binding signature of the second subkey defines SHA-384. Signatures made using the first subkey source the hash algorithm preferences from the direct-key signature, due to the absence of a preference subpacket on the binding signature, while for signature made using the second subkey the direct-key signature's preferences are shadowed by the subkey signatures preferences subpacket.
Inheritance and Shadowing of Attributes
```
```{admonition} Note
:class: note
Attribute shadowing is relatively straightforward to reason about when used for algorithm preferences. For other subpacket types, shadowing may be confusing, and/or the semantics underspecified (e.g. for key expiration time subpackets).
```
### Signature shadowing
When inspecting signatures on a component of an OpenPGP certificate, of the signatures that are in effect for each function, only the newest is considered.
In other words:
- If there are three binding signatures `A, B, C` for a subkey,
- where:
- `A` was created at `t0`,
- `B` at `t1`, and
- `C` at `t3`, with
- `t0 < t1 < t2 < t3`.
- Then at `t2`, an implementation only needs to consider signature `B`,
- because `C` is not yet in effect, and
- `A` is shadowed, because it is older than `B`.
```{figure} drawio/cert-validity-subkey.png
:name: fig-signature-verification-subkey-validity
:alt: Depicts a gantt-style diagram visualizing how the validity of a certificates components changes over time, depending on component signatures.
An example for how certificate validity can change with time.
```
```{note}
Signature shadowing should not be confused with attribute shadowing.
```
As attribute and signature shadowing can occur in combination, it is not always obvious which properties a key has at a given time.
```{figure} drawio/dk-attributes-and-shadowing.png
:name: fig-signature-verification-signature-shadowing
:alt: Depicts a certificate with a subkey, whose capabilities change over time, due to signature shadowing another.
Signatures shadow one another, based on reference time.
```
### Which signatures take precedence?
Multiple signatures can be attached to an OpenPGP certificate or component. These signatures can contain conflicting information.
When verifying a signature that is not self-qualifying, an implementation needs to consider self-qualifying signatures on the issuer's certificate for qualification.
There might be several signatures per component.
For example, there could be multiple subkey binding signatures for one subkey.
In general, for each category of signatures, only the signature with the latest creation time is considered and takes precedence.
Alternatively, there might be competing qualifying signatures of different types, e.g., a direct key signature and a self-certification signature on a primary User ID.
In this case, depending on how a key is "addressed," different attributes from both candidates "shadow" another.
```{admonition} TODO
:class: warning
Replace hash algorithm preferences with AEAD preferences for a more realistic example.
```
For example, the latest direct key signature could list "SHA512, SHA384" as hash algorithm preferences, while the latest self-certification of the User ID "Bob" could list only "SHA256."
For yet another User ID "Bobby," the self-signature could list no hash algorithm preferences at all.
If the user wants to compose a signed message using the associated OpenPGP key they need to figure out which preferences to use.
The specification recommends that implementations decide which signature takes precedence by the way the certificate is "addressed."
```{figure} drawio/narrow-interpretation.png
Preferences are sourced from signatures on different components, depending on how the key is addressed.
```
If the user wants to write an email as "Bob," it should consider the signature on "Bob," so SHA256 should be used as hash algorithm.
If instead the user wants to write as "Bobby," the implementation should inspect the self-certification on "Bobby" instead.
However, since this signature does not carry any hash algorithm preferences subpacket, the implementation must fall back to the direct key signature instead.
The same is true if the certificate is used without any User ID as sender.
To complicate things further:
Algorithm preferences can also be stated on subkey binding signatures, so if the certificate has a dedicated signing subkey, there is yet another signature which could take precedence.
Preferences from the subkey binding signature take precedence over the direct key signature, but not over self-certifications on the User ID.
```{admonition} TODO
:class: warning
Have a table that lists which signatures take precedence in which cases.
```
There can be more than one signature on a component. As an example, there are 3 direct key signatures (e.g., because the key's expiry has been extended two times).
In general, for each component, only the newest self-signature is "in effect," and older signatures are "shadowed."
For each certificate, there is at most one "active" direct key signature, for each User ID at most one active self-certification and for each subkey exactly one subkey binding.
```{admonition} TODO
:class: warning
direct key signatures can be revoked, [canceling them](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#section-5.2.3.10-4), meaning an older direct-key signature might become active again? The text of the spec is confusing here.
```
### Complexity of the packet format
OpenPGP certificates can contain complex preference settings. Additionally, the OpenPGP packet format allows a lot of flexibility when storing certificates in TPK format.
User ID packets, for example, do not have a fixed position in a TPK. This means an attacker (or an implementation-internal certificate canonicalization procedure) can change the order in which User IDs appear in the certificate's packet sequence.
As a concrete example, consider a certificate with multiple User IDs, all marked as primary. Or similarly, a certificate with multiple User IDs of which none is marked as primary.
Clients might apply different heuristics to figure out which User ID actually qualifies as the primary User ID here.
Such subtle changes to the representation of a certificate can lead to different preference settings being deduced, by different OpenPGP implementations.

88
book/source/drawio/attribute-shadowing.drawio Normal file
View file

@ -0,0 +1,88 @@
<mxfile host="app.diagrams.net" modified="2023-11-10T12:55:04.959Z" agent="Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/119.0" etag="68y6dkoQViWCf_BExrhc" version="22.1.0" type="device">
<diagram name="Page-1" id="2YBvvXClWsGukQMizWep">
<mxGraphModel dx="819" dy="434" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="850" pageHeight="1100" math="0" shadow="0">
<root>
<mxCell id="0" />
<mxCell id="1" parent="0" />
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-2" value="" style="rounded=0;whiteSpace=wrap;html=1;" vertex="1" parent="1">
<mxGeometry x="240" y="70" width="340" height="380" as="geometry" />
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-3" value="&lt;div&gt;Primary Key&lt;/div&gt;&lt;div&gt;(0xAA)&lt;br&gt;&lt;/div&gt;" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#dae8fc;strokeColor=#6c8ebf;" vertex="1" parent="1">
<mxGeometry x="260" y="120" width="140" height="50" as="geometry" />
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-4" value="&lt;div&gt;Signing Subkey #0&lt;br&gt;&lt;/div&gt;&lt;div&gt;(0xAB)&lt;br&gt;&lt;/div&gt;" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#dae8fc;strokeColor=#6c8ebf;" vertex="1" parent="1">
<mxGeometry x="260" y="230" width="140" height="50" as="geometry" />
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-8" value="&lt;div&gt;Subkey Binding-Signature&lt;br&gt;&lt;/div&gt;&lt;div&gt;&lt;br&gt;&lt;/div&gt;" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#d5e8d4;strokeColor=#82b366;" vertex="1" parent="1">
<mxGeometry x="290" y="270" width="270" height="50" as="geometry" />
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-5" value="&lt;div&gt;Direct-Key Signature&lt;br&gt;&lt;/div&gt;&lt;div&gt;Preferred Hash Algorithms: [SHA-512,SHA256]&lt;br&gt;&lt;/div&gt;" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#d5e8d4;strokeColor=#82b366;" vertex="1" parent="1">
<mxGeometry x="290" y="160" width="270" height="50" as="geometry" />
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-7" value="&lt;div&gt;Signing Subkey #1&lt;br&gt;&lt;/div&gt;&lt;div&gt;(0xAC)&lt;br&gt;&lt;/div&gt;" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#dae8fc;strokeColor=#6c8ebf;" vertex="1" parent="1">
<mxGeometry x="260" y="340" width="140" height="50" as="geometry" />
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-6" value="&lt;div&gt;Subkey Binding-Signature&lt;br&gt;&lt;/div&gt;&lt;div&gt;Preferred Hash Algorithms: [SHA-384]&lt;br&gt;&lt;/div&gt;" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#d5e8d4;strokeColor=#82b366;" vertex="1" parent="1">
<mxGeometry x="290" y="380" width="270" height="50" as="geometry" />
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-11" value="" style="endArrow=block;dashed=1;html=1;rounded=0;endFill=0;exitX=0.5;exitY=0;exitDx=0;exitDy=0;" edge="1" parent="1" source="u9JMdRfH3SxJ6CQ8vYaj-15">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="500" y="290" as="sourcePoint" />
<mxPoint x="500" y="200" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-12" value="" style="endArrow=classic;html=1;rounded=0;entryX=1;entryY=0.5;entryDx=0;entryDy=0;exitX=0.625;exitY=0.833;exitDx=0;exitDy=0;exitPerimeter=0;" edge="1" parent="1" source="u9JMdRfH3SxJ6CQ8vYaj-21" target="u9JMdRfH3SxJ6CQ8vYaj-7">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="640" y="364.71" as="sourcePoint" />
<mxPoint x="560" y="364.71" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-14" value="" style="endArrow=classic;html=1;rounded=0;entryX=1;entryY=0.5;entryDx=0;entryDy=0;exitX=0.476;exitY=0.833;exitDx=0;exitDy=0;exitPerimeter=0;" edge="1" parent="1" source="u9JMdRfH3SxJ6CQ8vYaj-19" target="u9JMdRfH3SxJ6CQ8vYaj-4">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="620" y="255" as="sourcePoint" />
<mxPoint x="560" y="254.71" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-15" value="?" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;" vertex="1" parent="1">
<mxGeometry x="470" y="280" width="60" height="30" as="geometry" />
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-16" value="" style="ellipse;whiteSpace=wrap;html=1;fillColor=none;dashed=1;" vertex="1" parent="1">
<mxGeometry x="340" y="300" width="190" height="10" as="geometry" />
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-18" value="" style="endArrow=classic;html=1;rounded=0;" edge="1" parent="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="560" y="190" as="sourcePoint" />
<mxPoint x="730" y="230" as="targetPoint" />
<Array as="points">
<mxPoint x="730" y="190" />
</Array>
</mxGeometry>
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-19" value="Signing w/ 0xAB: SHA512/SHA256" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;" vertex="1" parent="1">
<mxGeometry x="580" y="230" width="210" height="30" as="geometry" />
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-20" value="&lt;div style=&quot;font-size: 7px;&quot;&gt;DK Signature&lt;/div&gt;&lt;div style=&quot;font-size: 7px;&quot;&gt;applies to whole certificate&lt;br style=&quot;font-size: 7px;&quot;&gt;&lt;/div&gt;" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=7;" vertex="1" parent="1">
<mxGeometry x="500" y="210" width="60" height="30" as="geometry" />
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-21" value="Signing w/ 0xAC: SHA384" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;" vertex="1" parent="1">
<mxGeometry x="580" y="340" width="160" height="30" as="geometry" />
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-22" value="" style="endArrow=classic;html=1;rounded=0;entryX=0.817;entryY=1.019;entryDx=0;entryDy=0;entryPerimeter=0;exitX=0.889;exitY=0.6;exitDx=0;exitDy=0;exitPerimeter=0;" edge="1" parent="1" source="u9JMdRfH3SxJ6CQ8vYaj-6" target="u9JMdRfH3SxJ6CQ8vYaj-21">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="600" y="410" as="sourcePoint" />
<mxPoint x="740" y="400" as="targetPoint" />
<Array as="points">
<mxPoint x="710" y="410" />
</Array>
</mxGeometry>
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-23" value="SK Binding shadows DK Signature" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=7;" vertex="1" parent="1">
<mxGeometry x="590" y="400" width="110" height="30" as="geometry" />
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-24" value="Certificate 0xAA" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;" vertex="1" parent="1">
<mxGeometry x="370" y="80" width="110" height="30" as="geometry" />
</mxCell>
</root>
</mxGraphModel>
</diagram>
</mxfile>

BIN
book/source/drawio/attribute-shadowing.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 57 KiB

1
book/source/drawio/cert-validity-key-expiration.drawio Normal file
View file

@ -0,0 +1 @@
<mxfile host="app.diagrams.net" modified="2023-11-09T18:37:31.908Z" agent="5.0 (X11)" etag="CHE7VbVeDg4v-laCrwRr" version="21.0.1" type="device"><diagram name="Page-1" id="2YBvvXClWsGukQMizWep">7ZtRc6I6FMc/jTO9D3YICSCPq213Z7x37p1x5u7uI4WoTCNxQ9za++lvIkGBREu3gKy2DxZP0JDf/yScc4gDOFltP7NgvfyLRpgMbCvaDuDdwLZHyBGv0vCSGRBEmWHB4igzgYNhFv+HldFS1k0c4bR0IqeU8HhdNoY0SXDIS7aAMfpcPm1OSbnXdbDAmmEWBkS3fo0jvlTDcqyD/QuOF8u8Z2CpllWQn6wM6TKI6HPBBO8HcMIo5dnRajvBRLLLuWSfezjSur8whhNe5wPf+Wj699SyLIfNsP/5+/Trty/DfBw/A7JRI1ZXy19yBIxukgjLb7EGcPy8jDmerYNQtj4LzYVtyVdEvAPiUH0dZhxvj14o2A9fuA2mK8zZizhFfQCpa1Ie46q3zwf83kjZlgX0KCcfKMkX+28+UBEHCsxbIL3OiMSJOBqnnNGnvaOIMY6jmAm3jGki3qd0I+0N4xqVcQFb5wUMuPaYG8fl9hqXbfWNl9drXtDuG69Rr3kh1Ddefq95OW7feIEa98QzAnN7t+ADoAHjloZMjJiXYWT0JpRQJiwJ3SGdx4RUTAGJF5JnKAhhYR9LfrGI0T6phlUcRbIbY3BSDl+a8FinzN/S+bsG/rA1/PY7/LVh36y4JtTReLaBDWiNDdRdE1yuawKvb76JdP66d14Mf9vvG389GOfwcvkj0Df+enDP0eXyd2Df+OvJAncul7/bt9jErRGbHCiA1+tLRQ0GNpyPQhyGmmCixdr9NYPVr4Q1yEDVN2B1W3NrU07nEr5LQH6W8Lo/NrLCOJ7ThA/TXX31kzgBWOvtDk7eLo4W8v/dVLTOMJkPZ8KDA75heCBDNukiWQ+P7F0d5F8jBr671rL1vZc/YTjI0i95Grfa7e1+u45Zob9hu91NsXTKaqcyoDX32uBE8/2HB9/XJlqE58GG5GNQ5Xsgp10UpMt9X93MQWBKe1ubg64e2raztC1YEMWC0l2htICDlJ9c9U7KQcU1xFySdBpaISEsy7PP6AryIKdLeWy9KNH6Egl+xyXS7naJlOlH92vksGVl2lhp83lfCTlrLwfH1+aOJny36zGs8VwgXQZreRhuGHkZsyB8wvx1gcpqkuARk39oGiv2BM95IfD/s9K8TwDyVIFlLI5nCoxy5bl3Q78puSqFIWhbtxBoihlrc60V52CNJxNXqxjye6gY0tO5fwWlSJPtYjJqUKkoQf/MGTXSw84LlwA6fZNA3xAyEQPMww58wVqg6n3k3Fp4pjD/4x6ilPCcW2iX4zTDdirTPUQoduvClkRzTVteWs7N7N8xN0NXUL76SM0aTs0cr5KajQxTvtPUDNUI9BdCmPXR0avtvcFjfrr1VioeArf2Lz4dcVoDU2Pv35u23xrDiqq3Ck9+UH+nnbbi/tlH6j9UOeELR2UaGnYzmeqGLWpSo47QvCavryBFMQ7rR2tCGLbuwE51yGfi9SQ6rqOFa2ePr92PqtqJ4gDsYY3G/aiqndigVa0l9EExT1/prqWeYFdn0LnXO0+vcN5U85Y/eqpHIZcYtSMPMjzl6VYefT/vTfbgVf2+LhVHTzu98CHPtC06z6oA1vVoVy2bIkNk3a12etk01w7n65yVUvGSyBdCkwVmJWGvS8BqrfX8AuqbiW+yytqJyXc9elU3X7aol3h7+OHwrq3w62t4/z8=</diagram></mxfile>

BIN
book/source/drawio/cert-validity-key-expiration.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 40 KiB

1
book/source/drawio/cert-validity-simple.drawio Normal file
View file

@ -0,0 +1 @@
<mxfile host="app.diagrams.net" modified="2023-11-09T17:52:39.946Z" agent="5.0 (X11)" etag="sYTyf2mXicL_ydLRoJxl" version="21.0.1" type="device"><diagram name="Page-1" id="2YBvvXClWsGukQMizWep">5Vpdc6IwFP01PtohCR/yWLUfM92d3akzu9vHVKJmGo0TY9X99RskKBCs1IU2Q31wwoVAcs4Bzr2kgwbz7Z3Ay9l3HhHWgU607aBhB8IeCNV/HNglARe5SWAqaJSEwDEwon+JDjo6uqYRWeUOlJwzSZf54JgvFmQsczEsBN/kD5twlr/qEk+JERiNMTOjv2kkZ3pannOM3xM6naVXBo7eM8fpwTqwmuGIbzIhdNNBA8G5TFrz7YCwGLsUl6Tf7Ym9h4EJspBVOjzJ3sOPB8dxPDEi4d3Tw+8/9910Hq+YrfWM9WjlLoVA8PUiIvFZnA7qb2ZUktESj+O9G8W5is3knKktoJr6dERIsj05UHCYvpIN4XMixU4doju4ekxaMb7e3BzhD3o6NstADwMdxJry6eHMR1RUQwPzHpDOY8ToQrX6Kyn4y0Eoao79iAolS8oXanvF13G8Zrh6ebgANPECJXABvym4fKvhgo5teAVW44WgbXj1rMbLdW3DK7QaL8+3DS9Q4Z34iYD51j3wATAAk44BmZqxzIORoDfgjAsVWfA9pBPKWCGEGZ3GeI4VQkTF+zF+VHm0a71jTqMovkypOcnblzoU6+Xxd0z8/RL8UWPww//Qa83aLEgTmdAEsEybjWGDTGmC9koTBLZp0zXxN9XZGvxhaBv+phmXqL34u8A2/E1zL9324u8h2/A3kwXptRd/3zpvUpZ8+EzunfKrak7j5nBvmrsPJJ7KiLBJd6TQw3ItSCe2C/Hwkk7PIu2TRtSwMmcqOflAEJwY8mt1MulU7nizXVKR7Yqqj6IgsCPR4HwJLSszNfcwvL0NQ0OTEZngNZP16CYs+DbXlA3ySnTTWEqRmsS3dZMI5pG88nHCU91iAZeLBX6KWGKpNC2Wg1vfFbazCWhZBtqcWswE9JKnDKhPOO7Fwul+7kNmKnBElRAK77k0PMyUNwheyWaV5gXnn0uHd9eHKA2Z+YzBw2qGl3FzvBZs1xd4/ELkeULy7DH8TNhPvqIaa0YmMuMuvhV2H1xG6kdEgsVpOyK41KIbdsO6ss+C+4Ppdpausuy/sfQfVfgW8WXpKhayLKCrQmn/y9KFAuvoqvBl4cvS5Ya20eWWeepW0HXCtDToTPzAvUJB3pwE3pWPKnEMYe8qvZvrpxkaNP9S0EYG162peoBC1Q99dtXDNb86xEnqC2kxCRDZRoJp1Vt+HyDPNgrMlVP7dLfN94Eb2EaCmQM9ku7+VsCyzUz4yL+C58kAjveRbFTwzFMFxfIkAHqlK35OD3feC0zgFcoqFSV6uFT9qFRYA/euZailki3axH29NPm9XeIyiqzxz6ks0zeEcJKjbsmqnrIKfIOcVEjG6+fkfL0xS8Y7Pf0lRJQsYSmrOF7Cg9o8Lv/e78usoUc3/wA=</diagram></mxfile>

BIN
book/source/drawio/cert-validity-simple.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 26 KiB

1
book/source/drawio/cert-validity-subkey.drawio Normal file
View file

@ -0,0 +1 @@
<mxfile host="app.diagrams.net" modified="2023-11-09T18:03:34.394Z" agent="5.0 (X11)" etag="TfwtBB18-_Ys4L9oGnGs" version="21.0.1" type="device"><diagram name="Page-1" id="2YBvvXClWsGukQMizWep">7Vtbj+I2GP01SN0HVnGcEPI4MDO70rTqqkjd7qMhBqwxGBkzMP31dRIHkthAoAnjDcsDcr5csM85sb+L6cDhYveFo9X8DxZh2nGdaNeBjx3X7YNQfseG99TgQS81zDiJUhM4GEbkX6yMjrJuSITXhQsFY1SQVdE4YcslnoiCDXHOtsXLpowWf3WFZlgzjCaI6tbvJBJzNSzfOdi/YjKbZ78MHHVmgbKLlWE9RxHb5kzwqQOHnDGRtha7IaYxdhku6X3PR87uO8bxUlS54Yfov/z54jiOz0c4/PLj5fs/X7vZON4Q3agRq96K9wwCzjbLCMdPcTpwsJ0TgUcrNInPbiXn0jYXCyqPgGyqx2Eu8O5oR8F++FI2mC2w4O/yEiWRnurTNod3BuI8h7UHlREpjmf7Rx1gkA2FxCWonAeFkqVsDdaCs9e9MuSgBhHhUoeELeXxmm1ie134ZO+UGraCC7g6XsAAFwRNwdWzGi7XsQ2vwGq8oGsbXn2r8fI82/AKrcbL79mGF6iwCH4gYD3rJnwANMCEo0EmRyyKYKToDRllXFqWLIF0SigtmRAlsxjPiUQIS/sgxo9Ip+xBnViQKIp/xuiNFP2VOhTrF/F3dPx7Jvwbg9/9H3qtWZslaUIdmsDkuzUnTahLE7RXmiCwTZuejr+uztbg74a24a874wK2F38P2Ia/7twLr734+9A2/PVgQfjtxb9nnW9iCj56VCSe8ptszuLmY+I0d19wPJQRptPuSKKHxIbjTuwuxN1Lbxrz7J7MIruVe5Lh4UOOUeqQP8iHCafyjU+7FeH5W2H1XpQEdiAanM+Z5WUmxx6Gz89hqGkywlO0oaIe3YQlv83TZQN9g256TekmcxJP6yYVzF/4jU1SnuoWC7heLO6HiCWWStNi2Xvr76XjfABqikCbU4segF4zy4D6hONdLxz/lnPKjKOISN5Ly1pmfsxlMzBai2aF5Qfnp6HbCgvq4YvGw3qOVnFzsuH0fcDR5BWL84QU2aNojOk3tiYKa4qnIudM/F46vXcqMveDp1gc9z44E0pjj92wrmCz5OzBfvgZBhpjxni/sYAfVqg+3C1j5dSVHYxVyOffLWMwsJGxChWFu2XMCy1kzHM1xv6WKEUaba2JhEEpE+T5nomGmwbDnp6MHsoxqhDmFbeYDhdaSIfu3I0249ckPEi88jYTAn0LCdE32qj3o/V0eIF9dPgVgp+PqSu6gR4YBtC0ojaGjT6Vp3NHd0CWEVnOLsgtHM8iwJ8ki9BgTsDzS9T3deqhifrGcgL+L+/3OF2BjTkBrwJjMwn+6igAajsxGmeXOxcD44HP7pXFGb8xYCpsPbxou69x9S3nGJM0dfo5nWrUctvxx6ms1BNaOEpT17CZylT4aJCTCumQ+jk5n/fNk3HhDH8NEYadQ6ZZvjkefD1kPr3Cnyg7NVKNdO+lGmla8o1iaG7JN/0DQGPoGycLlIwjKTFV5PU3Z/fw8OlqLu2IgJpJVhdXy1BXQd80IzQmAlNlQaMznhTk5CCvy3IJJhpj0gef7onM4isNDctseFMydc8nP52P467HHFlKUQ2MlIr4+zjrw7INv8pAJ/IfwMKwKpOHKZ3dTcoLSLQ5Z+eH9uXsepV2wpSzqj+171EDk8FNi0Xy8PA33+Rc7r/S8Ok/</diagram></mxfile>

BIN
book/source/drawio/cert-validity-subkey.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 50 KiB

87
book/source/drawio/dk-attributes-and-shadowing.drawio Normal file
View file

@ -0,0 +1,87 @@
<mxfile host="app.diagrams.net" modified="2023-11-10T14:01:23.025Z" agent="Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/119.0" etag="HG5qMndMbQspdgsOQZGk" version="22.1.0" type="device">
<diagram name="Page-1" id="2YBvvXClWsGukQMizWep">
<mxGraphModel dx="478" dy="253" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="850" pageHeight="1100" math="0" shadow="0">
<root>
<mxCell id="0" />
<mxCell id="1" parent="0" />
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-2" value="" style="rounded=0;whiteSpace=wrap;html=1;" vertex="1" parent="1">
<mxGeometry x="240" y="30" width="350" height="440" as="geometry" />
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-3" value="&lt;div&gt;Primary Key&lt;/div&gt;&lt;div&gt;(0xAA)&lt;/div&gt;" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#dae8fc;strokeColor=#6c8ebf;" vertex="1" parent="1">
<mxGeometry x="260" y="70" width="150" height="50" as="geometry" />
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-32" value="&lt;div&gt;Subkey Binding-Signature #2&lt;/div&gt;&lt;div&gt;Signature Creation Time: t4&lt;br&gt;&lt;/div&gt;&lt;div&gt;&lt;br&gt;&lt;/div&gt;" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#d5e8d4;strokeColor=#82b366;" vertex="1" parent="1">
<mxGeometry x="290" y="380" width="270" height="50" as="geometry" />
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-33" value="" style="endArrow=classic;html=1;rounded=0;dashed=1;dashPattern=1 1;entryX=0.5;entryY=1;entryDx=0;entryDy=0;" edge="1" parent="1" target="u9JMdRfH3SxJ6CQ8vYaj-31">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="370" y="420" as="sourcePoint" />
<mxPoint x="190" y="280" as="targetPoint" />
<Array as="points">
<mxPoint x="340" y="420" />
<mxPoint x="340" y="170" />
<mxPoint x="425" y="170" />
</Array>
</mxGeometry>
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-4" value="&lt;div&gt;Signing Subkey #0&lt;/div&gt;&lt;div&gt;(0xAB)&lt;br&gt;&lt;/div&gt;" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#dae8fc;strokeColor=#6c8ebf;" vertex="1" parent="1">
<mxGeometry x="260" y="180" width="150" height="50" as="geometry" />
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-8" value="&lt;div&gt;Subkey Binding-Signature #0&lt;/div&gt;&lt;div&gt;Signature Creation Time: t0&lt;br&gt;&lt;/div&gt;&lt;div&gt;Key-Flags: [S]&lt;br&gt;&lt;/div&gt;" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#d5e8d4;strokeColor=#82b366;" vertex="1" parent="1">
<mxGeometry x="290" y="220" width="270" height="50" as="geometry" />
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-24" value="Certificate 0xAA" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;" vertex="1" parent="1">
<mxGeometry x="370" y="40" width="110" height="30" as="geometry" />
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-25" value="&lt;div&gt;Subkey Binding-Signature #1&lt;/div&gt;&lt;div&gt;Signature Creation Time: t2&lt;br&gt;&lt;/div&gt;&lt;div&gt;Key-Flags: [ ]&lt;br&gt;&lt;/div&gt;" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#d5e8d4;strokeColor=#82b366;" vertex="1" parent="1">
<mxGeometry x="290" y="300" width="270" height="50" as="geometry" />
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-26" value="" style="endArrow=classic;html=1;rounded=0;entryX=0.5;entryY=1;entryDx=0;entryDy=0;exitX=0.933;exitY=0.667;exitDx=0;exitDy=0;exitPerimeter=0;" edge="1" parent="1" source="u9JMdRfH3SxJ6CQ8vYaj-27" target="u9JMdRfH3SxJ6CQ8vYaj-8">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="630" y="290" as="sourcePoint" />
<mxPoint x="680" y="280" as="targetPoint" />
<Array as="points">
<mxPoint x="425" y="290" />
</Array>
</mxGeometry>
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-27" value="t0 &amp;amp; t1: Subkey can sign" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;" vertex="1" parent="1">
<mxGeometry x="425" y="270" width="150" height="30" as="geometry" />
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-28" value="" style="endArrow=classic;html=1;rounded=0;exitX=0.975;exitY=0.667;exitDx=0;exitDy=0;exitPerimeter=0;" edge="1" parent="1" source="u9JMdRfH3SxJ6CQ8vYaj-29">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="630" y="370" as="sourcePoint" />
<mxPoint x="425" y="350" as="targetPoint" />
<Array as="points">
<mxPoint x="425" y="370" />
</Array>
</mxGeometry>
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-29" value="t2 &amp;amp; t3: Subkey cannot sign" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;" vertex="1" parent="1">
<mxGeometry x="430" y="350" width="155" height="30" as="geometry" />
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-31" value="Direct-Key Signature #0&lt;div&gt;Signature Creation Time: t0&lt;br&gt;&lt;/div&gt;&lt;div&gt;Key-Flags: [C,S]&lt;br&gt;&lt;/div&gt;" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#d5e8d4;strokeColor=#82b366;" vertex="1" parent="1">
<mxGeometry x="290" y="110" width="270" height="50" as="geometry" />
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-34" value="?" style="ellipse;whiteSpace=wrap;html=1;dashed=1;fillColor=none;" vertex="1" parent="1">
<mxGeometry x="370" y="410" width="100" height="20" as="geometry" />
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-35" value="DK&#39;s Key-Flags apply" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=7;" vertex="1" parent="1">
<mxGeometry x="290" y="350" width="50" height="30" as="geometry" />
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-36" value="" style="endArrow=classic;html=1;rounded=0;entryX=0.5;entryY=1;entryDx=0;entryDy=0;exitX=0.997;exitY=0.678;exitDx=0;exitDy=0;exitPerimeter=0;" edge="1" parent="1" source="u9JMdRfH3SxJ6CQ8vYaj-37" target="u9JMdRfH3SxJ6CQ8vYaj-34">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="660" y="440" as="sourcePoint" />
<mxPoint x="650" y="420" as="targetPoint" />
<Array as="points">
<mxPoint x="420" y="450" />
</Array>
</mxGeometry>
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-37" value="t4+: Subkey can sign" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;" vertex="1" parent="1">
<mxGeometry x="430" y="430" width="115" height="30" as="geometry" />
</mxCell>
</root>
</mxGraphModel>
</diagram>
</mxfile>

BIN
book/source/drawio/dk-attributes-and-shadowing.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 57 KiB

89
book/source/drawio/narrow-interpretation.drawio Normal file
View file

@ -0,0 +1,89 @@
<mxfile host="app.diagrams.net" modified="2023-11-10T15:20:22.634Z" agent="Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/119.0" etag="RpGQWCBljR0OpVnwUbNJ" version="22.1.0" type="device">
<diagram name="Page-1" id="2YBvvXClWsGukQMizWep">
<mxGraphModel dx="989" dy="523" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="850" pageHeight="1100" math="0" shadow="0">
<root>
<mxCell id="0" />
<mxCell id="1" parent="0" />
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-2" value="" style="rounded=0;whiteSpace=wrap;html=1;" vertex="1" parent="1">
<mxGeometry x="220" y="30" width="370" height="350" as="geometry" />
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-3" value="&lt;div&gt;Primary Key&lt;/div&gt;&lt;div&gt;(0xAA)&lt;/div&gt;" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#dae8fc;strokeColor=#6c8ebf;" vertex="1" parent="1">
<mxGeometry x="260" y="70" width="150" height="50" as="geometry" />
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-24" value="Certificate 0xAA" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;" vertex="1" parent="1">
<mxGeometry x="370" y="40" width="110" height="30" as="geometry" />
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-31" value="&lt;div&gt;Direct-Key Signature #0&lt;/div&gt;&lt;div&gt;Key-Flags: [C]&lt;br&gt;&lt;/div&gt;&lt;div&gt;Pref. AEAD Cipher-Suites: [AES128-OCB]&lt;br&gt;&lt;/div&gt;" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#d5e8d4;strokeColor=#82b366;" vertex="1" parent="1">
<mxGeometry x="290" y="110" width="270" height="50" as="geometry" />
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-38" value="&lt;div&gt;Encryption Subkey&lt;br&gt;&lt;/div&gt;&lt;div&gt;(0xAB)&lt;/div&gt;" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#dae8fc;strokeColor=#6c8ebf;" vertex="1" parent="1">
<mxGeometry x="260" y="270" width="150" height="50" as="geometry" />
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-60" value="" style="endArrow=block;dashed=1;html=1;rounded=0;endFill=1;fillColor=#60a917;strokeColor=#000000;" edge="1" parent="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="280" y="120" as="sourcePoint" />
<mxPoint x="280" y="270" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-39" value="Alice &amp;lt;alice@example.org&amp;gt;" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#e1d5e7;strokeColor=#9673a6;" vertex="1" parent="1">
<mxGeometry x="260" y="170" width="180" height="50" as="geometry" />
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-40" value="&lt;div&gt;Positive Certification #0&lt;/div&gt;&lt;div&gt;Pref. AEAD Cipher-Suites: [AES256-OCB]&lt;br&gt;&lt;/div&gt;" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#d5e8d4;strokeColor=#82b366;" vertex="1" parent="1">
<mxGeometry x="290" y="210" width="270" height="50" as="geometry" />
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-41" value="&lt;div&gt;Subkey-Binding Signature #0&lt;/div&gt;&lt;div&gt;Key-Flags: [E]&lt;br&gt;&lt;/div&gt;&lt;div&gt;Pref. AEAD Cipher-Suites: [AES256-GCM]&lt;br&gt;&lt;/div&gt;" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#d5e8d4;strokeColor=#82b366;" vertex="1" parent="1">
<mxGeometry x="290" y="310" width="270" height="50" as="geometry" />
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-44" value="" style="endArrow=classic;html=1;rounded=0;entryX=1;entryY=0.5;entryDx=0;entryDy=0;exitX=0.958;exitY=0.833;exitDx=0;exitDy=0;exitPerimeter=0;fillColor=#0050ef;strokeColor=#001DBC;" edge="1" parent="1" source="u9JMdRfH3SxJ6CQ8vYaj-54" target="u9JMdRfH3SxJ6CQ8vYaj-39">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="640" y="195" as="sourcePoint" />
<mxPoint x="680" y="180" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-53" value="" style="endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;fillColor=#0050ef;strokeColor=#001DBC;entryX=0;entryY=0.5;entryDx=0;entryDy=0;" edge="1" parent="1" source="u9JMdRfH3SxJ6CQ8vYaj-40" target="u9JMdRfH3SxJ6CQ8vYaj-64">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="630" y="270" as="sourcePoint" />
<mxPoint x="720" y="235" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-54" value="Encrypting to &quot;Alice &amp;lt;alice@example.org&amp;gt;&quot;" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;" vertex="1" parent="1">
<mxGeometry x="600" y="170" width="240" height="30" as="geometry" />
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-55" value="&lt;div&gt;Preferences from&lt;/div&gt;&lt;div&gt;self-certification&lt;/div&gt;" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;" vertex="1" parent="1">
<mxGeometry x="610" y="200" width="120" height="30" as="geometry" />
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-56" value="" style="endArrow=classic;html=1;rounded=0;entryX=1;entryY=0.5;entryDx=0;entryDy=0;exitX=0.895;exitY=0.833;exitDx=0;exitDy=0;exitPerimeter=0;fillColor=#60a917;strokeColor=#2D7600;" edge="1" parent="1" source="u9JMdRfH3SxJ6CQ8vYaj-57" target="u9JMdRfH3SxJ6CQ8vYaj-3">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="780" y="95" as="sourcePoint" />
<mxPoint x="730" y="100" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-57" value="Encrypting to certificate 0xAA" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;" vertex="1" parent="1">
<mxGeometry x="590" y="70" width="190" height="30" as="geometry" />
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-61" value="" style="endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;fillColor=#60a917;strokeColor=#2D7600;" edge="1" parent="1" source="u9JMdRfH3SxJ6CQ8vYaj-41" target="u9JMdRfH3SxJ6CQ8vYaj-63">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="650" y="370" as="sourcePoint" />
<mxPoint x="730" y="130" as="targetPoint" />
<Array as="points">
<mxPoint x="600" y="335" />
<mxPoint x="600" y="135" />
</Array>
</mxGeometry>
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-62" value="&lt;div&gt;Preferences from&lt;/div&gt;&lt;div&gt;encryption key binding&lt;/div&gt;" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;" vertex="1" parent="1">
<mxGeometry x="550" y="100" width="230" height="30" as="geometry" />
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-63" value="AES256-GCM" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;" vertex="1" parent="1">
<mxGeometry x="730" y="120" width="80" height="30" as="geometry" />
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-64" value="AES256-OCB" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;" vertex="1" parent="1">
<mxGeometry x="730" y="220" width="80" height="30" as="geometry" />
</mxCell>
<mxCell id="u9JMdRfH3SxJ6CQ8vYaj-65" value="Operation is delegated to subkey" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=7;" vertex="1" parent="1">
<mxGeometry x="230" y="230" width="40" height="30" as="geometry" />
</mxCell>
</root>
</mxGraphModel>
</diagram>
</mxfile>

BIN
book/source/drawio/narrow-interpretation.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 68 KiB

BIN
book/source/mermaid/09-sigtree.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 108 KiB