mirror of
https://codeberg.org/openpgp/notes.git
synced 2025-12-11 16:11:07 +01:00
Add glossary links for chapter 7
Signed-off-by: David Runge <dave@sleepmap.de>
parent
b4b6d04b36
commit
41aa18b853
3 changed files with 98 additions and 50 deletions
|
|
@ -24,6 +24,9 @@ Authentication Tag
|
|||
Authenticity
|
||||
See {term}`Authentication`.
|
||||
|
||||
Binary Signature
|
||||
A {term}`Data Signature` with the {term}`Signature Type ID` `0x00`, which is used for binary data.
|
||||
|
||||
Binding Signature
|
||||
A {term}`signature` on a {term}`component` which links that {term}`component` to a {term}`certificate<OpenPGP Certificate>`.
|
||||
|
||||
|
|
@ -41,9 +44,6 @@ Certificate
|
|||
Certificate Authority
|
||||
See {term}`Certification Authority`
|
||||
|
||||
Certification Authority
|
||||
Also known as [Certificate authority](https://en.wikipedia.org/wiki/Certificate_authority), this is an entity that handles digital certificates, especially by signing or issuing them.
|
||||
|
||||
Certificate Holder
|
||||
A person or other entity, that holds an {term}`Transferable Secret Key` and thus is able to modify the accompanying {term}`OpenPGP Certificate`.
|
||||
|
||||
|
|
@ -52,12 +52,22 @@ Certification
|
|||
|
||||
Most commonly, the term is applied to "[third-party certifications](third_party_cert)," in which an external actor indicates that they have {term}`validated<Validation>` the link between an {term}`identity` and a {term}`certificate<OpenPGP Certificate>`. However, the term is also used for [self-signatures that bind identity components](bind_ident) to a {term}`certificate<OpenPGP Certificate>`.
|
||||
|
||||
Certification Authority
|
||||
Also known as [Certificate authority](https://en.wikipedia.org/wiki/Certificate_authority), this is an entity that handles digital certificates, especially by signing or issuing them.
|
||||
|
||||
Certification Key Flag
|
||||
A {term}`Key Flag`, indicating that a {term}`Component Key` can be used for issuing third-party {term}`certifications<Certification>`. See [](capabilities_key_flags).
|
||||
|
||||
Cipher Type Byte
|
||||
This historical term was defined in [RFC 1991](https://datatracker.ietf.org/doc/html/rfc1991#section-4.1) and was subsequently superseded by {term}`Packet Tag` in [RFC 2440](https://datatracker.ietf.org/doc/html/rfc2440#section-4.2), which is in turn superseded by {term}`Packet Type ID` in the new [RFC](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-packet-headers).
|
||||
|
||||
Cleartext Signature
|
||||
A {term}`Data Signature` which exists in a combined text format, encapsulating the (readable) text input it was created for. See [](cleartext-sig).
|
||||
|
||||
Cleartext Signature Framework
|
||||
A framework for creating {term}`cleartext signatures<Cleartext Signature>`.
|
||||
See [RFC 7](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#cleartext-signature).
|
||||
|
||||
Component
|
||||
An element in an {term}`OpenPGP Certificate`, that represents a {term}`component key` or {term}`identity component`.
|
||||
|
||||
|
|
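Review bot: The link text "RFC 7" in the new Cleartext Signature Framework entry reads as RFC number 7, not as section 7 of the crypto-refresh document the URL points to. Suggest wording such as "section 7 of the RFC" so the reference cannot be misread; the same applies to the "RFC 5.9" and "RFC 5.4" link texts added elsewhere in this commit. The URL also pins draft revision 12 (draft-ietf-openpgp-crypto-refresh-12), so it is worth confirming that this is the intended target.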
@ -82,11 +92,20 @@ Cryptographic Signature
|
|||
CTB
|
||||
See {term}`Cipher Type Byte`.
|
||||
|
||||
Data Signature
|
||||
{term}`Cryptographic signature` over binary documents or canonical text documents. See [](/07-signing_data).
|
||||
|
||||
Data Signature Packet
|
||||
An {term}`OpenPGP Signature Packet` which describes a {term}`Data Signature`. See [](/07-signing_data).
|
||||
|
||||
Delegation
|
||||
OpenPGP users can [delegate authentication decisions](delegation) to third parties, and thus rely on {term}`certifications<Certification>` they issue. The remote party is then called a "{term}`trusted introducer`".
|
||||
|
||||
This kind of delegation involves {term}`certifications<Certification>` that include the {term}`trust signature` subpacket.
|
||||
|
||||
Detached Signature
|
||||
A {term}`Data Signature` which exists as a separate file to the file it was created for. See [](forms_of_openpgp_data_signatures).
|
||||
|
||||
Direct Key Signature
|
||||
A {term}`Signature` that sets preferences and advertises features applicable to an entire {term}`Certificate`. See [](direct_key_signature).
|
||||
|
||||
|
|
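Review bot: The new Detached Signature entry says the signature "exists as a separate file to the file it was created for", which is awkward and assumes both the signature and the signed data are files. The Inline Signature entry added in this same commit says "the data it was created for"; suggest matching it, e.g. "which exists separately from the data it was created for". Also, Data Signature Packet is defined as a packet that "describes" a Data Signature, while the Literal Data Packet and One-pass Signature Packet entries speak of packets "in a Data Signature"; the glossary should settle whether a Data Signature is the signature itself or a structure that contains packets.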
@ -126,6 +145,9 @@ Identity Component
|
|||
Identity Verification
|
||||
A process by which the {term}`Identity Claim` of a {term}`Certificate Holder` is verified. See also {term}`Signature Verification`.
|
||||
|
||||
Inline Signature
|
||||
A {term}`Data Signature` which exists encapsulated alongside the data it was created for in an OpenPGP container. See [](forms_of_openpgp_data_signatures).
|
||||
|
||||
Issuer
|
||||
An entity, that created an {term}`OpenPGP Signature Packet` using an {term}`Transferable Secret Key`.
|
||||
|
||||
|
|
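Review bot: The new Inline Signature entry ends with "in an OpenPGP container", and "container" is not defined or linked anywhere in the visible glossary. This commit adds an OpenPGP Message term; if that is what is meant, link it with the term role instead of introducing a second, undefined name for the same thing.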
@ -153,6 +175,9 @@ Key
|
|||
Key Flag
|
||||
A preference encoded in an {term}`OpenPGP Signature Subpacket`, that defines the {term}`Capability` a {term}`OpenPGP Component Key` has. See [](signature_subpackets).
|
||||
|
||||
Key Holder
|
||||
See {term}`Certificate Holder`.
|
||||
|
||||
Key ID
|
||||
The high-order (leftmost) 64 bits of an {term}`OpenPGP Fingerprint`.
|
||||
Historically, this term refers to the low-order (rightmost) 64 bits of an {term}`OpenPGP Fingerprint`.
|
||||
|
|
@ -160,12 +185,16 @@ Key ID
|
|||
Key Material
|
||||
May refer to {term}`Public Key Material` or {term}`Private Key Material`.
|
||||
|
||||
Key Holder
|
||||
See {term}`Certificate Holder`.
|
||||
|
||||
Key Owner
|
||||
See {term}`Certificate Holder`.
|
||||
|
||||
Key Server
|
||||
A piece of software available over the network, which provides access to {term}`OpenPGP Certificates<OpenPGP Certificate>` e.g., by searching for an {term}`OpenPGP Fingerprint` or {term}`User ID`, via the `HKP` and/ or `HKPS` protocols.
|
||||
Several implementations such as [hagrid](https://gitlab.com/keys.openpgp.org/hagrid/), or [hockeypuck](https://github.com/hockeypuck/hockeypuck) exist.
|
||||
|
||||
Literal Data Packet
|
||||
A {term}`packet<OpenPGP Signature Packet>` in a {term}`Data Signature` which contains data, that has been signed using a {term}`cryptographic signature`. See [RFC 5.9](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#lit) for more details.
|
||||
|
||||
MAC
|
||||
See {term}`Message Authentication Code`.
|
||||
|
||||
|
|
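Review bot: In the new Literal Data Packet entry the word "packet" is linked as "packet<OpenPGP Signature Packet>", so a reader following the link is told that a literal data packet is a signature packet. The entry itself describes a packet that carries the signed data, which is a different packet from the signature; link to a generic packet term if one exists, or drop the link. Minor points in the same hunk: "contains data, that has been signed" does not need the comma, and the Key Server entry has "and/ or" with a stray space.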
@ -187,6 +216,9 @@ Notation Signature Subpacket
|
|||
Notation Tag
|
||||
Part of a {term}`Notation` name.
|
||||
|
||||
One-pass Signature Packet
|
||||
One or more {term}`packets<OpenPGP Signature Packet>` before the actual data in a {term}`Data Signature` which contain information to allow a receiving {term}`implementation<OpenPGP Implementation>` to create {term}`hashes<Hash Digest>` required for signature verification. See [RFC 5.4](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#one-pass-sig) for more details.
|
||||
|
||||
OpenPGP Certificate
|
||||
An OpenPGP certificate contains public key material, identity claims and third party certifications (but no private key material)
|
||||
|
||||
|
|
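Review bot: The One-pass Signature Packet entry has a singular headword but its definition opens with "One or more packets", and it links "packets" to OpenPGP Signature Packet even though the text describes them as packets that come before the data and let the receiver prepare hashes, not as the signature itself. Suggest defining the singular packet first ("A packet placed before the signed data ...") and stating separately that more than one may be present, with a link target that does not equate it with the signature packet.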
@ -204,6 +236,9 @@ OpenPGP Implementation
|
|||
OpenPGP Key
|
||||
Used either for an {term}`OpenPGP Certificate` (containing public key material and metadata), or for an {term}`OpenPGP Private Key`. See [](/04-certificates) for an in-depth discussion.
|
||||
|
||||
OpenPGP Message
|
||||
A data structure, which contains OpenPGP components such as {term}`OpenPGP Certificate` or {term}`OpenPGP Signature Packet` and plaintext or encrypted data.
|
||||
|
||||
OpenPGP Public Key
|
||||
See {term}`OpenPGP Certificate`.
|
||||
|
||||
|
|
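Review bot: The new OpenPGP Message entry says the structure "contains OpenPGP components", but this glossary defines Component as an element of an OpenPGP Certificate (a component key or identity component), so the word is being used in a second, conflicting sense. Suggest a neutral word such as "packets" here. The sentence would also read better without the comma after "A data structure", and with "such as" followed by plural or article-bearing nouns ("an OpenPGP Certificate or an OpenPGP Signature Packet").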
@ -303,7 +338,7 @@ Signature On Component
|
|||
{term}`Cryptographic signature` associated with {term}`Component Keys<Component Key>` or {term}`Identity Components<Identity Component>`. See [](/08-signing_components).
|
||||
|
||||
Signature Over Data
|
||||
{term}`Cryptographic signature` over binary documents or canonical text documents. See [](/07-signing_data).
|
||||
See {term}`Data Signature`.
|
||||
|
||||
Signature Packet
|
||||
See {term}`OpenPGP Signature Packet`.
|
||||
|
|
@ -329,6 +364,15 @@ Signer
|
|||
Signing Key Flag
|
||||
A {term}`Key Flag`, indicating that a {term}`Component Key` can be used for signing data. See [](capabilities_key_flags).
|
||||
|
||||
Strong Authentication
|
||||
"Strong Authentication" in this text refers to having ascertained that a {term}`certificate<OpenPGP Certificate>` and an {term}`identity claim` on it are legitimately linked. That is, that the person who controls the {term}`certificate<OpenPGP Certificate>` is correctly represented by the {term}`identity component`.
|
||||
|
||||
Strong authentication in OpenPGP is typically encoded with a {term}`certification signature`.
|
||||
|
||||
Ascertaining strong authentication requires an out-of-band check: Either via a manual {term}`verification` process, or an automated system that can {term}`certify<Certification>` that a user has identified to the system that issues the {term}`identity` in question (e.g. an email provider can {term}`certify<Certification>` email-based {term}`identities<Identity>` that it issues to the user).
|
||||
|
||||
Also see {term}`Authentication`.
|
||||
|
||||
Subkey
|
||||
See {term}`OpenPGP Subkey`.
|
||||
|
||||
|
|
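Review bot: In the Strong Authentication entry, the references "{term}`certification signature`" and "{term}`verification`" do not match any headword visible in this diff: the visible entries are Certification, Identity Verification and Signature Verification. Please confirm both targets resolve; since the paragraph is about an out-of-band check of an identity, "verification<Identity Verification>" looks like the intended link. Style nits: "Either" after the colon should be lower case, and "e.g." is normally followed by a comma.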
@ -344,6 +388,9 @@ Symmetric Cryptography
|
|||
Symmetric Secret Key
|
||||
The {term}`Private Key Material` used in {term}`Symmetric Cryptography`.
|
||||
|
||||
Text Signature
|
||||
A {term}`signature packet<OpenPGP signature packet>` with the {term}`Signature Type ID` `0x01`, which is used for textual data.
|
||||
|
||||
Third-party Identity Certification
|
||||
{term}`Certification` by third-parties to confirm ownership of an {term}`OpenPGP Certificate` by a {term}`Certificate Holder`. See [](third_party_identity_certifications).
|
||||
|
||||
|
|
|
|||
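Review bot: Text Signature is defined as "A signature packet ... with the Signature Type ID 0x01", while its counterpart Binary Signature, added at the top of this commit, is defined as "A Data Signature with the Signature Type ID 0x00". The two entries should be parallel; pick one parent term for both. The link target here is also written "OpenPGP signature packet" in lower case, whereas every other reference in the commit uses "OpenPGP Signature Packet"; use the headword's casing for consistency.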