diff --git a/book/source/glossary.md b/book/source/glossary.md index 40c2fa3..d1bad65 100644 --- a/book/source/glossary.md +++ b/book/source/glossary.md @@ -32,9 +32,7 @@ Authentication The term "authentication" here is semantically different from the one used in {term}`Authentication Key Flag`. Authentication Key Flag - A {term}`Key Flag` which indicates that a {term}`Component Key` can be used to prove control over {term}`private key material` with a challenge-response mechanism. This is typically done to log into a remote system, often using the OpenSSH protocol. - - Note that the term "authentication" is used in a different context here than {term}`Authentication` of {term}`identity claims` that are associated with a {term}`certificate`. See [](key-flags). + A {term}`Key Flag`, which indicates that a {term}`Component Key` can be used to confirm control over {term}`private key material` against a remote system. This is typically done to perform an authorative action, like logging into a system. The term "authentication" here is semantically different from {term}`Authentication`. See [](key-flags). Authentication Tag See {term}`Message Authentication Code`. @@ -51,12 +49,12 @@ Binary Signature Binding The process of creating a {term}`Binding Signature` for a {term}`Component`, or the resulting {term}`Binding Signature`. - See [](binding-signatures) for more. + See {ref}`binding-signatures` for more. Binding Signature A {term}`self-signature` on a {term}`component` which associates that {term}`component` to the issuing {term}`component key` in a {term}`certificate`. - See [](binding-signatures) for more. + See {ref}`binding-signatures` for more. CA See {term}`Certification Authority`. 
@@ -227,10 +225,6 @@ Identity Identity Certification An {term}`OpenPGP Signature Packet` on an {term}`Identity Component` which {term}`certifies` its {term}`authenticity`. - - Identity certifications can be issued either: - - by the certificate holder, as a {term}`self-signature`, or - - by a third party, as a {term}`third-party identity certifications`. Identity Claim A {term}`Certificate Holder` may use {term}`Identity Components` or {term}`Notations` to state a claim about their {term}`Identity`. @@ -307,7 +301,7 @@ Life-cycle Management See [](self-signatures). Literal Data Packet - A {term}`packet` which contains the plaintext data of an encrypted and/or signed message. See [RFC 5.9](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#lit) for more details. + A packet which contains the plaintext data of an encrypted and/or signed message. See [RFC 5.9](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#lit) for more details. MAC See {term}`Message Authentication Code`. @@ -318,10 +312,10 @@ Master Key Message Authentication Code A piece of information used for integrity and {term}`authenticity` verification of a message. See [](message-authentication-code). -Meta Introducer - An {term}`OpenPGP Certificate` that acts as a {term}`Trusted introducer` and has a {term}`Trust Depth` greater than one. +Meta-Introducer + An {term}`OpenPGP Certificate` with a {term}`Trust Depth` greater than one. - A meta introducer can introduce other (meta-) {term}`introducers`. + A meta-introducer can introduce other (meta-) introducers. Metadata Data related to preferences of an {term}`OpenPGP Certificate` or its {term}`Certificate Holder`, that can be found in {term}`signature` {term}`packets`. See [](metadata-in-certificates). 
@@ -574,7 +568,7 @@ Signature Type See {term}`OpenPGP Signature Type`. Signature Type ID - A numerical identifier for a {term}`Signature Type`. + A numerical identifier for a {term}`Signature Type`. Signature Verification In cryptography the mechanism of verification relates to a process in which a claim (i.e., a {term}`signature`) is tested (i.e., using the relevant {term}`components` of a {term}`certificate`). @@ -672,7 +666,7 @@ Trust Signature Trusted introducer OpenPGP users can choose to rely on {term}`certifications` issued by a third party. The remote party of such a {term}`delegation` is called a "trusted introducer". - See [](delegation) for more details. + See {ref}`delegation` for more details. TSK See {term}`Transferable Secret Key`. diff --git a/book/source/signing_components.md b/book/source/signing_components.md index c7d4286..0e24ed9 100644 --- a/book/source/signing_components.md +++ b/book/source/signing_components.md 
@@ -241,7 +241,7 @@ OpenPGP uses [*trust signature*](https://www.ietf.org/archive/id/draft-ietf-open (trust-level)= #### Trust depth/level -The "{term}`trust depth`" (or {term}`level`) in OpenPGP signifies the extent of transitive {term}`delegation` within the {term}`authentication` process. It determines how far a {term}`delegation` can be extended from the original {term}`trusted introducer` to subsequent intermediaries. Essentially, a {term}`certificate` with a {term}`trust depth` of more than one acts as a "{term}`meta introducer`," facilitating {term}`authentication` decisions across multiple levels in the network. +The "{term}`trust depth`" (or {term}`level`) in OpenPGP signifies the extent of transitive {term}`delegation` within the {term}`authentication` process. It determines how far a {term}`delegation` can be extended from the original {term}`trusted introducer` to subsequent intermediaries. Essentially, a {term}`certificate` with a {term}`trust depth` of more than one acts as a "{term}`meta-introducer`," facilitating {term}`authentication` decisions across multiple levels in the network. A {term}`trust depth` of 1 means relying on {term}`certifications` made directly by the {term}`trusted introducer`. The user's OpenPGP software will accept {term}`certifications` made directly by the {term}`introducer` for {term}`authenticating` identities.
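Review bot: In book/source/glossary.md, hunk @@ -32,9 +32,7 @@, the new Authentication Key Flag text misspells "authoritative" as "authorative". The comma added in "A {term}`Key Flag`, which indicates" also turns the defining clause into an aside. Suggest "A {term}`Key Flag` which indicates ..." and "an authoritative action". The rewrite also drops the "challenge-response mechanism" wording and the OpenSSH example. If that is intentional, consider keeping at least one concrete example, because "confirm control over private key material against a remote system" on its own tells a reader less about what the flag permits.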
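Review bot: The change from "See [](binding-signatures) for more." to "See {ref}`binding-signatures` for more." in glossary.md hunk @@ -51,12 +49,12 @@, and the same change for {ref}`delegation` in hunk @@ -672,7 +666,7 @@, leaves the glossary with two cross-reference styles. Entries visible in this same patch still use [](key-flags), [](self-signatures), [](message-authentication-code) and [](metadata-in-certificates). Either convert those here as well or note why only these three references needed the {ref} form. Since {ref} without explicit link text takes its text from the section title, also confirm that the binding-signatures and delegation labels sit directly before a heading.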
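Review bot: In glossary.md hunk @@ -227,10 +225,6 @@, deleting the list under Identity Certification removes the only statement in this entry that such a certification can be issued by the certificate holder as a {term}`self-signature` or by a third party, and nothing in the patch replaces it. If the motivation was the {term}`third-party identity certifications` reference, pointing it at the intended glossary entry would keep the distinction for readers. Otherwise, a one-sentence replacement that keeps both cases would be preferable to dropping them.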
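Review bot: In glossary.md hunk @@ -307,7 +301,7 @@, the Literal Data Packet entry changes "A {term}`packet` which contains" to "A packet which contains" and so loses the glossary link, while the Metadata entry shown as context in the next hunk still links {term}`packets`. If the link was removed because the term failed to resolve, fixing the target is preferable. If it was removed for readability, apply the same rule to the other entries so the glossary links terms consistently.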
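Review bot: In glossary.md hunk @@ -318,10 +312,10 @@, the new Meta-Introducer definition drops "acts as a {term}`Trusted introducer`" and defines the term only as a certificate "with a {term}`Trust Depth` greater than one", whereas the signing_components.md paragraph touched at @@ -241,7 +241,7 @@ still describes the meta-introducer in terms of delegation from the original trusted introducer. Suggest keeping the link to {term}`Trusted introducer` so the glossary and the chapter agree. Two smaller points: the heading is now capitalized "Meta-Introducer" while the neighbouring entry in hunk @@ -672,7 +666,7 @@ is "Trusted introducer", and "(meta-) introducers" no longer links {term}`introducers`. Because the glossary key changed from "Meta Introducer" to "Meta-Introducer", check for remaining {term}`meta introducer` references beyond the one updated in signing_components.md.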