From 3b401a17a7c5d37804a1f492970fc8799f0ae473 Mon Sep 17 00:00:00 2001 From: "Tammi L. Coles" Date: Fri, 10 Nov 2023 15:07:35 +0100 Subject: [PATCH] tighten up ch6 signature packet creation section --- book/source/06-signatures.md | 21 +++++++++------------ 1 file changed, 9 insertions(+), 12 deletions(-) diff --git a/book/source/06-signatures.md b/book/source/06-signatures.md index 704f27d..cad83e2 100644 --- a/book/source/06-signatures.md +++ b/book/source/06-signatures.md @@ -62,24 +62,21 @@ Structure of an OpenPGP signature packet ### Creating an OpenPGP signature packet -When someone creates a signature packet, their goal is to make some type of statement about a set of input data, and encode this statement in the signature packet. +Creating an OpenPGP signature packet involves encoding a statement about a specific set of data within the packet. -The input data consists of: +The input data of a signature packet includes: -- a number of packets (usually one or more packets, but in some cases none), which the signature statement is about, and -- some of the data in the signature packet itself. This data specifies the intent of the signature. +- **Packets being signed**: Typically one or more packets, though sometimes none, depending on the context. These are the packets to which the signature statement pertains. +- **Data within the signature packet**: This includes information that specifies the intent of the signature. -The signature type determines which data is used as the input data. Either way, the input data always consists of the information that the signature makes a statement about. +The input data is determined by the signature type and consists of the exact content that the signature statement addresses. The signature packet consists of two parts: -- The data that defines the meaning of the statement, and -- A cryptographic digital signature with which the signer formally endorses that statement. - -So the signature packet hinges on that cryptographic signature. It is produced by the issuer as follows: - -1. A hash digest is calculated from the set of input data. -2. The signature is calculated for this hash digest. +1. **Statement definition**: This part of the packet defines the meaning or intent of the signature. +2. **Cryptographic digital signature**: This is the formal endorsement by the signer, created as follows: + - A hash digest is calculated from the input data. + - The signature is then calculated for this hash digest. ```{figure} diag/Signature_Creation.png