From 7f7df00f43a8919d4a3f9464e7a56d6810262706 Mon Sep 17 00:00:00 2001 From: Heiko Schaefer Date: Tue, 5 Dec 2023 20:37:48 +0100 Subject: [PATCH] g: delegation/trust signature --- book/source/23-glossary.md | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/book/source/23-glossary.md b/book/source/23-glossary.md index 425b76b..5a12791 100644 --- a/book/source/23-glossary.md +++ b/book/source/23-glossary.md @@ -76,7 +76,9 @@ CTB See {term}`Cipher Type Byte`. Delegation - See {term}`Trust signature` + OpenPGP users can [delegate authentication decisions](delegation) to third parties, and thus rely on {term}`certifications` they issue. The remote party is then called a "{term}`trusted introducer`". + + This kind of delegation involves {term}`certifications` that include the {term}`trust signature` subpacket. Direct Key Signature A {term}`Signature` that sets preferences and advertises features applicable to an entire {term}`Certificate`. See [](direct_key_signature). @@ -346,7 +348,12 @@ Trust Model A model by which trust between {term}`identities` associated with different {term}`OpenPGP Certificates` is created. See [](third_party_identity_certifications). Trust signature - a specific type of certification for a certificate, which marks that key as a "trusted introducer" (i.e. the party that creates the trust signature signals that they will trust certifications that the "trusted introducer" makes on certificates) + The *trust signature* subpacket on a certifying {term}`signature` is used for {term}`delegation` of {term}`authentication` decisions. With this feature, an OpenPGP user can designate a {term}`certificate` as a "{term}`trusted introducer`" and opt to rely on {term}`certifications` they issue. + +Trusted introducer + OpenPGP users can choose to rely on {term}`certifications` issued by a third party. The remote party of such a {term}`delegation` is called a "trusted introducer". + + See {ref}`delegation` for more details. TSK See {term}`Transferable Secret Key`.