vanitasvitae/openpgp-notes
1
0
Fork 0
mirror of https://codeberg.org/openpgp/notes.git synced 2025-09-09 11:19:41 +02:00
Code Issues Projects Releases Packages Wiki Activity

fix terminology

Browse source
This commit is contained in:
Heiko Schaefer 2023-12-03 23:16:20 +01:00
parent d59330a08d
commit 8712e97f8e
No known key found for this signature in database
GPG key ID: DAE9A9050FCCF1EB
1 changed files with 1 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
book/source/04-certificates.md
View file

@ -347,7 +347,7 @@ By contrast, a soft revocation leaves the revoked component or signature valid b
Hard revocations address the following problem: If a private key was compromised, then the attacker can issue signatures using that key. This means, the attacker could issue a signature dated before the revocation, impersonating the owner of the key. A recipient of that signature would mistakenly consider this signature valid if the issuing key has been soft revoked. This is a problem.
To counteract this problem, it is reasonable to clearly mark compromised keys as suspect at any point in time. That's what hard revocations do.
On the other hand, if the subkey was merely retired, and the certificate holder moved to a different subkey, then the signatures in the past, made by the retired key, are still correct.
On the other hand, if the subkey was merely retired, and the certificate holder moved to a different subkey, then the signatures in the past, made by the retired key, are still valid.
(append-only)=
### Certificates are effectively append-only data structures