From 33bda5f443fd5dd24833fea9ff96c01b72799e28 Mon Sep 17 00:00:00 2001 From: Heiko Schaefer Date: Sun, 19 Nov 2023 23:10:49 +0100 Subject: [PATCH] write ch10 --- book/source/10-encryption.md | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/book/source/10-encryption.md b/book/source/10-encryption.md index 5102f6a..84fe481 100644 --- a/book/source/10-encryption.md +++ b/book/source/10-encryption.md @@ -68,13 +68,17 @@ Version 1 SEIPD can only be combined with either [version 3 PKESK](https://www.i When communicating with a mix of recipients, some of whose OpenPGP software only supports OpenPGP version 4, then this mechanism must be used. -## Handling session keys with *ESK packets +## Handling encrypted session keys: PKESK, SKESK -"ESK" is a family of mechanisms for dealing with symmetric key material. It has two branches: +"*ESK" is a family of mechanisms for dealing with symmetric key material. It has two branches: - [PKESK](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-public-key-encrypted-sessio): Uses asymmetric OpenPGP key material to protect a session key, and - [SKESK](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-symmetric-key-encrypted-ses): Uses passphrases to protect the symmetric key material, instead of OpenPGP asymmetric key material (this is less commonly used). +### PKESK: Session key encrypted to an asymmetric OpenPGP key + +### SKESK: Session key encrypted to a passphrase + ## Advanced topics ### Encrypt for multiple/single subkey per certificate?
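Review bot: The two subsections added at the end of the hunk, `### PKESK: Session key encrypted to an asymmetric OpenPGP key` and `### SKESK: Session key encrypted to a passphrase`, are bare headings with no body, so the rendered chapter will show two empty sections directly before `## Advanced topics`. Either put at least a one-sentence stub or a TODO marker under each, or hold the headings back until the text exists. In the same hunk, the PKESK bullet says it protects "a session key" while the SKESK bullet says it protects "the symmetric key material". Using "session key" in both would match the new section title "Handling encrypted session keys: PKESK, SKESK". The asterisk in `"*ESK"` is unescaped. Writing it as `\*ESK` keeps it from being read as an emphasis marker if another asterisk is later added to that paragraph.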