mirror of
https://codeberg.org/openpgp/notes.git
synced 2025-09-10 19:59:40 +02:00
Small changes
This commit is contained in:
Heiko Schaefer
parent
6388d5c33b
commit
5ab4546144
1 changed files with 13 additions and 7 deletions
|
|
@ -7,10 +7,11 @@ SPDX-License-Identifier: CC-BY-SA-4.0
|
||||||
# Verification
|
# Verification
|
||||||
|
|
||||||
Signature verification in the OpenPGP protocol is a complex process.
|
Signature verification in the OpenPGP protocol is a complex process.
|
||||||
There are lots of different factors that can influence the validity of a signature.
|
There are lots of different factors that can influence the validity of a signature, most importantly its expiration date.
|
||||||
Some signatures can be verified standalone, while others require the verification of a chain-like structure of other signatures, mostly on the issuers certificate.
|
|
||||||
Signatures can be invalid due to the absence or presence of other signatures.
|
|
||||||
A signature can be valid at one point in time and invalid merely a second later.
|
A signature can be valid at one point in time and invalid merely a second later.
|
||||||
|
Signatures can be invalid due to the absence or presence of other signatures (e.g. revocations).
|
||||||
|
Some signatures can be verified standalone, while others require the verification of a chain-like structure of other signatures, mostly on the issuers certificate.
|
||||||
|
|
||||||
|
|
||||||
## When are signatures valid?
|
## When are signatures valid?
|
||||||
|
|
||||||
|
|
@ -21,19 +22,23 @@ Put mathematically, the set of valid signatures is a subset of the set of correc
|
||||||
|
|
||||||
The validity of a correct signature is additionally constrained by a number of conditions:
|
The validity of a correct signature is additionally constrained by a number of conditions:
|
||||||
* well-formedness
|
* well-formedness
|
||||||
Signatures need to be well-formed, meaning they must contain required signature subpackets in the proper subpacket area and must not contain unknown critical subpackets or notations.
|
Signatures need to be well-formed, meaning they must contain required signature subpackets in the proper subpacket area and must not contain unknown critical subpackets or unknown critical notations.
|
||||||
|
Note: This also means, that a signature might be considered valid by one implementation and be rejected by another.
|
||||||
|
Some implementations further apply a policy when verifying signatures, putting constraints on used hash- and key algorithms and key strengths.
|
||||||
* temporal validity
|
* temporal validity
|
||||||
Most signatures have a limited validity period, constrained by the signature creation- and expiration time.
|
Most signatures have a limited validity period, constrained by the signature creation- and expiration time.
|
||||||
* qualification
|
* qualification
|
||||||
Furthermore, some signatures need to be *qualified* by another valid signature in order to be considered valid.
|
Furthermore, some signatures need to be *qualified* by other valid signatures in order to be considered valid.
|
||||||
|
This is especially the case with signatures created by dedicated signing subkeys, where, in addition to the signature itself, the subkeys binding signature(s) must be verified.
|
||||||
* revocation
|
* revocation
|
||||||
Lastly, signatures can be invalidated by revocations.
|
Lastly, signatures can be invalidated by revocations.
|
||||||
|
|
||||||
### Temporal validity
|
### Temporal validity
|
||||||
|
|
||||||
A signature is valid only for a constrained period of time.
|
A signature is valid only for a constrained period of time.
|
||||||
A lower constraint for the validity period is the creation time of the signature. An exception from this rule are hard revocation signatures, where this lower constraint is dropped.
|
A lower constraint for the validity period is the creation time of the signature, meaning a signature only becomes valid after its creation timestamp.
|
||||||
An upper constraint might be the signatures expiration time.
|
An upper constraint might be the signatures expiration time.
|
||||||
|
A special case are hard revocation signatures, where the lower constraint is dropped, so hard revocations are valid since the dawn of time.
|
||||||
|
|
||||||
When checking a signature for validity, a reference time is defined.
|
When checking a signature for validity, a reference time is defined.
|
||||||
For an email that might be the signature creation time itself, or the reception date.
|
For an email that might be the signature creation time itself, or the reception date.
|
||||||
|
|
@ -52,7 +57,7 @@ Examples for signatures which are not self-qualifying are data signatures (0x00,
|
||||||
### Signature qualification
|
### Signature qualification
|
||||||
|
|
||||||
To verify non-self-qualifying signatures, it is not sufficient to only look at the signature itself.
|
To verify non-self-qualifying signatures, it is not sufficient to only look at the signature itself.
|
||||||
The reason is, that the issuer (sub-) key needs to be qualified to create such a signature.
|
The reason is, that the issuer (sub-) key needs to be qualified to create such a signature (e.g. because a special key-flag is required).
|
||||||
This qualification typically comes via another self-signature on the key itself.
|
This qualification typically comes via another self-signature on the key itself.
|
||||||
|
|
||||||
Instead, a chain of valid signatures from the signature itself to the primary key of the issuer certificate needs to be established.
|
Instead, a chain of valid signatures from the signature itself to the primary key of the issuer certificate needs to be established.
|
||||||
|
|
@ -70,6 +75,7 @@ On the other hand, in order to verify a data signature over a text document, an
|
||||||
```
|
```
|
||||||
|
|
||||||
### Attribute Shadowing
|
### Attribute Shadowing
|
||||||
|
|
||||||
TODO
|
TODO
|
||||||
|
|
||||||
### Revocations
|
### Revocations
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue