| author | saturneric <[email protected]> | 2025-06-23 18:03:07 +0000 |
|---|---|---|
| committer | saturneric <[email protected]> | 2025-06-23 18:03:07 +0000 |
| commit | 49108b8d9d680932af9d01009f3e4f94cf48f6e8 (patch) | |
| tree | 0409058e3a197e6eb93610ba1047e75c151e6443 /src/content/docs/guides | |
| parent | docs(smart-card): fix heading levels in smart card documentation (diff) | |
docs(guides): add section on public key certificates
- explain what public key certificates contain
- describe importance of certificates for identity binding and trust
- provide example of certificate usage
- improve formatting and readability throughout guide
Diffstat (limited to 'src/content/docs/guides')
| -rw-r--r-- | src/content/docs/guides/fundamental-concepts.md | 45 |
1 files changed, 42 insertions, 3 deletions
diff --git a/src/content/docs/guides/fundamental-concepts.md b/src/content/docs/guides/fundamental-concepts.md index f1223b2..9fbcb52 100644 --- a/src/content/docs/guides/fundamental-concepts.md +++ b/src/content/docs/guides/fundamental-concepts.md @@ -19,16 +19,16 @@ At the heart of GPG is the **key pair**: two mathematically linked keys. - **Public Key**: Share this with anyone. Others use it to: - Send you encrypted messages. - Verify your digital signature. - - **Private Key**: Keep this secret. You use it to: - Decrypt messages sent to you. - Sign data so others know it’s really from you. - :::tip[Think of it like a mailbox] + - Your public key is the address — people can send you letters. - Your private key is the key to open the mailbox — only you can read what’s inside. + ::: ## 🔧 Generating a Key Pair @@ -61,6 +61,7 @@ independently. ## 🧱 Understanding the Primary Key Your **primary key** is your core identity. It: + - Links to your user ID (usually name + email). - Signs your subkeys. - Can certify other people's public keys (used to build trust networks). 
@@ -76,6 +77,38 @@ you. That’s why: ::: +## 🏷️ Public Key Certificates: Proving Identity and Key Relationships + +A public key in GPG/PGP is not just a raw cryptographic key. +It is always packaged as a certificate, which contains more than just the key itself. + +A public key certificate includes: + +- The public key data (for encryption and verifying signatures) +- The User ID (your name and email address) +- Signatures made by your own primary key and, optionally, by other people + +### Why Are Certificates Important? + +- Binding Identity: The certificate links your key to your identity, such as + your name and email. This way, people can verify that the key truly belongs to + you. +- Establishing Trust: Others can “sign” your public key, vouching for your + identity. This signature acts as a recommendation, forming a “Web of Trust.” +- Subkey Relationship: If you use subkeys (for encryption or signing), their + certificates include signatures from your primary key. This proves that each + subkey really belongs to your primary identity, and not to someone else. + +### Example + +When you share your public key, you are actually sharing a certificate that: + +- Includes your identity and any subkeys +- Shows cryptographic proof that the subkeys are authorized by your primary key +- May be signed by other people who trust your identity + +This is why you should always distribute your full public key certificate—not just the bare key! + ## ✉️ How Encryption Works Imagine you want to send a private message to someone: @@ -86,6 +119,7 @@ Imagine you want to send a private message to someone: 4. They can **verify your signature** with your public key. This ensures: + - **Privacy**: No one but the intended recipient can read the message. - **Authenticity**: The recipient knows the message is from you. 
@@ -98,6 +132,7 @@ others to: - Confirm that **you** are the sender. Digital signatures are used to: + - Sign emails. - Sign files or software packages. - Sign other people's public keys (to build trust). @@ -107,6 +142,7 @@ Digital signatures are used to: ### Secure Email You want to email a sensitive document: + - Encrypt it using the recipient’s public key. - Sign it with your private key. - The recipient decrypts and verifies it. @@ -114,12 +150,14 @@ You want to email a sensitive document: ### Software Publishing You release a file or program online: + - You sign it. - Users can verify the signature before using it. ### Building Trust You meet someone at a conference: + - You exchange and sign each other’s keys. - Anyone who trusts your key may now also trust theirs. @@ -141,6 +179,7 @@ You meet someone at a conference: ## 🧭 Summary GPG is a powerful tool for privacy and digital identity. By learning: + - How keys work, - When to encrypt vs. sign, - And how to protect your credentials, @@ -175,4 +214,4 @@ GPG with simplicity and clarity. You focus on **secure communication** — let GpgFrontend handle the complexity behind it. -:::
\ No newline at end of file +::: |
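Review bot: In the new "Public Key Certificates" section (hunk `@@ -76,6 +77,38 @@`), the list under "A public key certificate includes:" leaves out subkeys, while the "Subkey Relationship" bullet and the "Example" list both say the certificate carries them. Add a bullet for subkeys and their binding signatures so the three lists agree. The phrase "their certificates include signatures from your primary key" also reads as if each subkey had a certificate of its own, which contradicts the section's opening statement that the certificate is the single package; something like "the certificate includes a signature from your primary key over each subkey" would be consistent. The "### Example" subsection restates the list above it rather than showing anything concrete, although the commit message promises an example of certificate usage; either rename the heading or show an actual exported certificate listing. Finally, the bullet labels here ("Binding Identity:", "Establishing Trust:") are plain text, whereas the surrounding guide bolds its labels ("**Public Key**", "**Privacy**").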
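Review bot: The hunks outside the new section (for example `@@ -61,6 +61,7 @@`, `@@ -86,6 +119,7 @@` and `@@ -98,6 +132,7 @@`) each add only a blank line before a list, and they are bundled with a 32-line content addition. Consider splitting the blank-line cleanup into its own commit so the new certificate section can be reviewed and, if needed, reverted on its own. The trailing-newline fix in the last hunk (`@@ -175,4 +214,4 @@`) belongs with that cleanup commit as well.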
