change key store to keystore, edit two-tier section

This commit is contained in:
Tammi L. Coles 2023-11-30 17:34:28 +01:00
parent cd6b049ae5
commit 84ba8afc5c


@ -173,11 +173,9 @@ When implementing a key store based on hardware cryptographic devices like [Open
### Addressing individual keys
An independent design question is how key material is addressed, by users of the keystore.
A critical aspect of keystore design involves determining how users address individual key materials.
The fingerprint of the individual component keys is one obvious option.
Depending on what backs the keystore, fingerprints are readily available, such as with software private keys, or OpenPGP card devices. In other cases, the key store needs to keep track of fingerprints by itself, e.g., when based on generic cryptographic hardware such as TPM.
One common method is using the fingerprint of each component key. The availability of these fingerprints, however, depends on the underlying technology of the keystore. For instance, in software-based private keystores or OpenPGP cards, fingerprints of component keys are usually directly accessible. Key stores relying on generic cryptographic hardware, like TPMs, need to implement their own mechanisms for tracking and managing the fingerprints of each key.
### Assorted other duties
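Review bot: The final sentence of the new paragraph under "Addressing individual keys" still opens with "Key stores relying on generic cryptographic hardware", which is inconsistent with the commit's stated goal of changing "key store" to "keystore"; it should read "Keystores relying on ...". In the new opening sentence, "individual key materials" is awkward because "key material" is normally uncountable; "individual keys" would match the heading. The phrase "software-based private keystores" also shifts the meaning of the earlier "software private keys", where the keys were software-backed rather than the keystore being private; something like "keystores backed by software private keys" would preserve the original sense.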