path: root/src/content/docs/guides/generate-key.md
author saturneric <[email protected]> 2024-11-29 15:22:31 +0000
committer saturneric <[email protected]> 2024-11-29 15:23:24 +0000
commit 49be7c4c427be2e1802f7a275426279e60ee29fd (patch)
tree 4bad9526b4710231f7f05632d96d3e730e566862 /src/content/docs/guides/generate-key.md
parent fix: add contents and fix broken links (diff)
feat: add and improve documents
Diffstat (limited to 'src/content/docs/guides/generate-key.md')
-rw-r--r-- src/content/docs/guides/generate-key.md 180
1 files changed, 4 insertions, 176 deletions
diff --git a/src/content/docs/guides/generate-key.md b/src/content/docs/guides/generate-key.md
index 9202d80..354b54c 100644
--- a/src/content/docs/guides/generate-key.md
+++ b/src/content/docs/guides/generate-key.md
@@ -1,5 +1,5 @@
---
-title: Generate Key Pair & Subkey
+title: Generate Key Pair
sidebar:
order: 3
---
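Review bot: The `+title: Generate Key Pair` line drops "& Subkey", but the commit message ("feat: add and improve documents") does not say where the subkey material now lives. The diffstat shown here is limited to this file, so please name the destination page in the commit body and check that any links that pointed readers at this guide for subkey generation are updated to the new location.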
@@ -65,188 +65,16 @@ signing, and authentication. Follow the steps below to create your own keys.
By following these steps, you can generate a secure key pair using GpgFrontend,
tailored to your specific needs for encryption, signing, and authentication.
-## Steps to Generate a Subkey
-
-![Generate A Subkey](https://image.cdn.bktus.com/i/2024/06/15/a56c83bc-72ad-6232-1764-6fef5aeceddd.webp)
-
-1. **Open Key Management**:
-
- - In the Key Management interface, right-click on the key pair you wish to
- add a subkey to. Select the "New Subkey" option from the context menu.
-
-2. **Fill in Basic Information**:
-
- - **Key Type**: Select the type of subkey you want to generate. Available
- options include RSA, DSA, ECDSA, ECDH, ECDH NIST P-256, ECDH NIST P-384,
- ECDH NIST P-521, ECDH BrainPool P-256, ECDH BrainPool P-384, and ECDH
- BrainPool P-512.
- - **Key Size**: Choose the key size. This option is only applicable when the
- key type is RSA or DSA.
- - **Expiration Date**: Set an expiration date for the subkey. You can also
- choose to check the "Never expire" checkbox to make the subkey permanent.
-
-3. **Set a Passphrase**:
-
- - If the primary key has a passphrase, the subkey's passphrase must be equal
- to it. Ensure that the "Non Pass Phrase" checkbox is unchecked if you want
- to set a passphrase.
-
-4. **Select Key Usage**:
-
- - Specify the usage for the subkey. Options include:
- - **Encryption**: For encrypting data.
- - **Signing**: For creating digital signatures.
- - **Authentication**: For authentication purposes, such as SSH keys.
- - Note that the certification usage is not available for subkeys.
-
-5. **Generate the Subkey**:
- - After filling in all the necessary information and selecting the desired
- options, click the "OK" button to generate your subkey.
-
-By following these steps, you can generate a subkey using GpgFrontend, which
-enhances the functionality of your primary key pair for various cryptographic
-operations.
-
-## Extra Note
-
-Below are some guidelines that may prove useful in comprehending the
-aforementioned concepts and utilizing this tool accurately.
-
-#### Understanding Primary Keys and Subkeys
-
-In the realm of cryptography, key management plays a crucial role in ensuring
-data security. A key pair consists of a primary key and one or more subkeys,
-each serving distinct functions yet working together to secure and manage
-digital identities and communications. This structure not only enhances security
-but also provides flexibility in key usage and management.
-
-#### The Role of Primary Key and Subkeys
-
-- **Primary Key**: The primary key is the cornerstone of your cryptographic
- identity. It is used for identity verification, which includes signing other
- keys to establish trust. The primary key's signature on a subkey validates the
- subkey's association with the identity of the primary key holder.
-
-- **Subkeys**: Subkeys are associated with the primary key and are used for
- encryption and signing documents or messages. Subkeys can be thought of as
- extensions of the primary key, each designated for specific tasks. This
- separation of duties allows for greater security and operational flexibility.
- For example, you can have separate subkeys for signing and encryption.
-
-#### Advantages of Using Subkeys
-
-1. **Enhanced Security**: By using subkeys for day-to-day operations, you
- minimize the risk associated with key exposure. If a subkey is compromised,
- it can be revoked without affecting the primary key or other subkeys, thereby
- limiting the potential damage.
-
-2. **Operational Flexibility**: Subkeys allow for specific roles (e.g., signing,
- encryption) to be isolated. This means you can renew or revoke subkeys as
- needed without disrupting the overall cryptographic setup.
-
-3. **Convenient Key Rotation**: Regularly updating keys is a best practice in
- cryptography. Subkeys make it easier to rotate keys for signing and
- encryption without needing to re-establish the primary key's trust
- relationships.
-
-#### Managing Primary Keys and Subkeys
-
-- **Secure Storage**: The primary key should be stored in a highly secure
- location, preferably offline or in a hardware security module (HSM), to
- prevent unauthorized access. The loss or compromise of the primary key
- jeopardizes the entire cryptographic framework.
-
-- **Key Generation and Maintenance**: While tools like GpgFrontend provide
- user-friendly interfaces for managing keys, they may lack support for advanced
- operations like generating multiple subkeys. Therefore, using the command-line
- `gpg` tool for such tasks is advisable. Despite this limitation, GpgFrontend
- can play a critical role in monitoring the presence of the primary key, which
- is essential for certain operations like adding subkeys or signing other keys.
-
-- **Revocation and Renewal**: Prepare revocation certificates for your primary
- key and subkeys in advance. In case of key compromise or expiration, these
- certificates allow you to invalidate the keys, informing others in your trust
- network not to use them anymore.
-
-#### Practical Tips for Effective Key Management
-
-- **Purpose-Specific Subkeys**: If your primary key was not generated with
- certain capabilities (e.g., encryption), you can create a subkey with the
- required functionality. This allows the key pair to be used for the intended
- cryptographic operations without regenerating the primary key.
-
-- **Multiple Subkeys for Different Devices**: For users operating across
- multiple devices, generating separate subkeys for each device can enhance
- security. If one device is compromised, only the subkey on that device needs
- to be revoked, leaving the others unaffected.
-
-- **Backup and Recovery**: Regularly back up your key pair, including the
- primary key and all subkeys. Secure backups ensure that you can recover your
- cryptographic capabilities even in the event of hardware failure or data loss.
-
-In summary, understanding and implementing a robust key management strategy,
-with a clear distinction between primary keys and subkeys, is essential for
-maintaining the integrity and security of cryptographic operations. By adhering
-to best practices for key usage, storage, and renewal, users can safeguard their
-digital identities and ensure the confidentiality and authenticity of their
-communications.
-
-#### Additional Note on Subkey Algorithm Types
-
-Subkeys in GpgFrontend offer more algorithm types than primary keys due to their
-specialized roles. While primary keys focus on establishing identity and trust,
-subkeys are often dedicated to specific tasks like encryption or authentication.
-This task-specific design allows subkeys to utilize a broader range of
-algorithms, enhancing their flexibility and functionality. For instance, while
-primary keys may be restricted to certain secure algorithms for signing, subkeys
-can employ diverse algorithms optimized for encryption, like ECDH, ensuring
-efficient and secure operations tailored to the user's needs.
-
-For more Details: [Comparison of Cryptographic Algorithms](/extra/algorithms-comparison)
-
-**Primary Key Supported Algorithms:**
+## Primary Key Supported Algorithms
- RSA
- DSA
- ECDSA ED25519
+- EdDSA ED448 (GnuPG >2.3.0)
+- ECDSA SECP256K1 (GnuPG >2.3.0)
- ECDSA NIST P-256
- ECDSA NIST P-384
- ECDSA NIST P-521
- ECDSA BrainPool P-256 (GnuPG >2.3.0)
- ECDSA BrainPool P-384 (GnuPG >2.3.0)
- ECDSA BrainPool P-512 (GnuPG >2.3.0)
-
-**Subkey Supported Algorithms:**
-
-- RSA
-- DSA
-- ELG-E
-- ECDSA ED25519
-- ECDSA ED448 (GnuPG >2.3.0)
-- ECDH CV25519
-- ECDH X448 (GnuPG >2.3.0)
-- ECDH NIST P-256
-- ECDH NIST P-384
-- ECDH NIST P-521
-- ECDH BrainPool P-256 (GnuPG >2.3.0)
-- ECDH BrainPool P-384 (GnuPG >2.3.0)
-- ECDH BrainPool P-512 (GnuPG >2.3.0)
-
-**Explanation:**
-
-The broader range of algorithms available for subkeys arises because subkeys are
-designed for specific functions and can therefore leverage specialized
-algorithms optimized for those functions. For example, ECDH (Elliptic Curve
-Diffie-Hellman) is highly efficient for encryption tasks and is commonly used
-for subkeys dedicated to encryption. This flexibility in algorithm choice
-ensures that cryptographic operations can be optimized for both performance and
-security based on the specific use case.
-
-Primary keys, however, are central to the user's cryptographic identity and are
-primarily used for signing and certifying subkeys. This critical role
-necessitates the use of well-established and highly secure algorithms to ensure
-the integrity and trustworthiness of the entire cryptographic system.
-
-By differentiating the algorithms and roles of primary keys and subkeys,
-GpgFrontend enhances both security and operational efficiency, allowing users to
-maintain a robust and flexible cryptographic setup​.
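Review bot: In the algorithm list that remains at the end of this hunk, the context line `- ECDSA ED25519` still labels Ed25519 as ECDSA while the added `+- EdDSA ED448 (GnuPG >2.3.0)` line uses EdDSA; Ed25519 is an EdDSA scheme as well, so the list is now inconsistent and that entry should read `EdDSA ED25519`. The two added entries also carry over `>2.3.0`, which read literally excludes 2.3.0 itself; if that release is meant to qualify, write `>=2.3.0`. Separately, the removed block includes the guidance on preparing revocation certificates in advance, keeping the primary key offline, and using per-device subkeys, plus the link to /extra/algorithms-comparison; please confirm that this content lands on another page in the same commit and is not simply dropped.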