vanitasvitae/openpgp-notes
1
0
Fork 0
mirror of https://codeberg.org/openpgp/notes.git synced 2025-09-10 19:59:40 +02:00
Code Issues Projects Releases Packages Wiki Activity

ch9: initial stab at splitting out "advanced" material

Browse source
This commit is contained in:
Heiko Schaefer 2023-11-26 21:58:59 +01:00
parent f446b12548
commit cb4f358a0b
No known key found for this signature in database
GPG key ID: DAE9A9050FCCF1EB
1 changed files with 21 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

40
book/source/09-verification.md
View file

@ -32,7 +32,7 @@ The validity of a correct signature is additionally constrained by a number of c
[^unknown-critical]: Note that this implies that a signature might be considered valid by one implementation and be rejected by another, based on the set of subpackets and notations each implementation is aware of. [^unknown-critical]: Note that this implies that a signature might be considered valid by one implementation and be rejected by another, based on the set of subpackets and notations each implementation is aware of.
### Well-formedness of signatures ## Well-formedness of signatures
There are a number of criteria that a signature must fulfill to be considered well-formed: There are a number of criteria that a signature must fulfill to be considered well-formed:
@ -44,7 +44,7 @@ There are a number of criteria that a signature must fulfill to be considered we
- The same applies to notations. Unknown notations that are marked as critical render the signature malformed. - The same applies to notations. Unknown notations that are marked as critical render the signature malformed.
(temporal-validity)= (temporal-validity)=
### Temporal validity ## Temporal validity
A signature is valid only for a constrained period of time: A signature is valid only for a constrained period of time:
@ -62,7 +62,7 @@ For the signature to qualify as valid, it needs to be in effect. In other words,
The same reference time must be used when verifying required qualifying signatures, if any. The same reference time must be used when verifying required qualifying signatures, if any.
### Self-qualifying and non-self-qualifying signatures ## Self-qualifying and non-self-qualifying signatures
Some signatures can be verified on their own, while others require the verification of additional signatures on the issuer certificate. We will call the former category *self-qualifying* signatures. Some signatures can be verified on their own, while others require the verification of additional signatures on the issuer certificate. We will call the former category *self-qualifying* signatures.
@ -85,7 +85,7 @@ Examples for signatures which are not self-qualifying are:
- third-party certification (`0x10`-`0x13`), or - third-party certification (`0x10`-`0x13`), or
- third-party certification revocation signatures (`0x30`). - third-party certification revocation signatures (`0x30`).
### Signature qualification ## Signature qualification
To verify non-self-qualifying signatures, it is necessary to look at more than just the signature itself. To verify non-self-qualifying signatures, it is necessary to look at more than just the signature itself.
@ -110,6 +110,21 @@ On the other hand, to verify a data signature over a text document, an implement
Tree of signatures that qualify a data signature Tree of signatures that qualify a data signature
``` ```
## Revocations
A signature can be *disqualified* by the presence of a revocation signature.
Revocations can be limited in scope, e.g., a subkey-revocation signature only revokes a single subkey.
Moreover, revocations can also be constrained to a certain validity period by including a soft revocation reason and expiration time in the revocation signature.
```{admonition} TODO
:class: warning
Give guidance which revocations need to be considered for different types of signatures
```
## Advanced topics
### Attribute shadowing ### Attribute shadowing
When determining the preferences of a key, several signatures may have to be inspected. When determining the preferences of a key, several signatures may have to be inspected.
@ -169,20 +184,7 @@ As attribute and signature shadowing can occur in combination, it is not always
Signatures shadow one another, based on reference time. Signatures shadow one another, based on reference time.
``` ```
### Revocations ### Which signatures take precedence?
A signature can be *disqualified* by the presence of a revocation signature.
Revocations can be limited in scope, e.g., a subkey-revocation signature only revokes a single subkey.
Moreover, revocations can also be constrained to a certain validity period by including a soft revocation reason and expiration time in the revocation signature.
```{admonition} TODO
:class: warning
Give guidance which revocations need to be considered for different types of signatures
```
## Which signatures take precedence?
Multiple signatures can be attached to an OpenPGP certificate or component. These signatures can contain conflicting information. Multiple signatures can be attached to an OpenPGP certificate or component. These signatures can contain conflicting information.
@ -237,7 +239,7 @@ For each certificate, there is at most one "active" direct key signature, for ea
direct key signatures can be revoked, [canceling them](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#section-5.2.3.10-4), meaning an older direct-key signature might become active again? The text of the spec is confusing here. direct key signatures can be revoked, [canceling them](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#section-5.2.3.10-4), meaning an older direct-key signature might become active again? The text of the spec is confusing here.
``` ```
## Complexity of the packet format ### Complexity of the packet format
OpenPGP certificates can contain complex preference settings. Additionally, the OpenPGP packet format allows a lot of flexibility when storing certificates in TPK format. OpenPGP certificates can contain complex preference settings. Additionally, the OpenPGP packet format allows a lot of flexibility when storing certificates in TPK format.