diff --git a/book/source/15-migration.md b/book/source/15-migration.md index 32e9fe2..78c2f83 100644 --- a/book/source/15-migration.md +++ b/book/source/15-migration.md 
@@ -21,19 +21,28 @@ Some of these features require use of new key material, while others can be adop ### SEIPD v2 A perfect example for a newly introduced feature that can be applied to existing v4 keys are the new SEIPDv2 packets. -Existing v4 keys can simply announce support for SEIPDv2 via a *Feature* subpacket in a self-signature. This signals to producers, that the users OpenPGP subsystem(s) are capable of handling SEIPDv2. + +Existing v4 keys can simply announce support for SEIPDv2 via a *Feature* subpacket in a self-signature. This signals to producers that the user's OpenPGP software is capable of handling SEIPDv2. (migration_s2k)= -### Argon2 S2K +### S2K usage mode AEAD -Another good example is the Argon2 S2K mechanism. +Another good example is the S2K mechanism for secret-key encryption. -The RFC [recommends](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#name-avoiding-ciphertext-malleab) that: "Users should migrate to AEAD with all due speed." +The RFC [states](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-avoiding-ciphertext-malleab) that: "Users are RECOMMENDED to migrate to AEAD." In the context of this chapter, this means that encrypted private keys should be upgraded by the user's OpenPGP software to use S2K usage mode 253 (AEAD) to encrypt the user's private key material. Note that S2K usage mode 253 (AEAD) can be applied to both version 6 and version 4 private keys, with sufficiently up-to-date OpenPGP software. This S2K usage mode is strongly recommended for all private keys. +#### S2K method Argon2 + +Independently, the RFC recommends the use of the Argon2 S2K method to hash passphrases, when it is available. + +Argon2 is only allowed in combination with AEAD. + +Users can and should migrate the protection of their private keys to Argon2 combined with the AEAD usage mode. + ### v6 signatures One feature that is denied from v4 keys are v6 signatures. Only v6 keys may issue v6 signatures.
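Review bot: the new "#### S2K method Argon2" subsection is nested under "### S2K usage mode AEAD" even though its opening sentence says the Argon2 recommendation applies "Independently", so the heading structure and the prose disagree. Either promote it to its own "###" section with its own MyST label (note that `(migration_s2k)=` now labels the AEAD section, not the Argon2 one it was attached to before the rename, so any cross-reference expecting Argon2 content should be checked), or reword the lead sentence so the subsection reads as a refinement of the AEAD migration. Also, "Argon2 is only allowed in combination with AEAD." carries no citation, while the neighbouring "Users are RECOMMENDED to migrate to AEAD." links the crypto-refresh draft; linking the corresponding draft section there would make the constraint as traceable as the recommendation it follows.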