diff options
author | Justus Winter <justus@sequoia-pgp.org> | 2022-03-11 13:36:34 +0100 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2022-03-11 13:36:34 +0100 |
commit | a320d306ffaa9311af7cdae3dfd9c5ef771e2d16 (patch) | |
tree | b5316d30a182d0f40b1932710b75978880b45ba9 | |
parent | e3eb9a71267b910c4a21f29aecc5cd05c2f105e3 (diff) |
openpgp: Improve documentation.
-rw-r--r-- | openpgp/src/cert/builder.rs | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/openpgp/src/cert/builder.rs b/openpgp/src/cert/builder.rs index e9ff41db..a160a074 100644 --- a/openpgp/src/cert/builder.rs +++ b/openpgp/src/cert/builder.rs @@ -212,11 +212,11 @@ assert_send_and_sync!(KeyBlueprint); /// ## Expiration /// /// There are two ways to invalidate cryptographic key material: -/// revocation and liveness. Both variants come with their own +/// revocation and freshness. Both variants come with their own /// challenges. Revocations rely on a robust channel to update /// certificates (and attackers may interfere with that). /// -/// On the other hand, liveness involves creating key material that +/// On the other hand, freshness involves creating key material that /// expires after a certain time, then periodically extending the /// expiration time. Again, consumers need a way to update /// certificates, but should that fail (maybe because it was @@ -226,7 +226,7 @@ assert_send_and_sync!(KeyBlueprint); /// Because of the way metadata is added to OpenPGP certificates, /// attackers who control the certificate lookup and update mechanism /// may strip components like signatures from the certificate. This -/// has implications for the robustness of relying on liveness. +/// has implications for the robustness of relying on freshness. /// /// If you first create a certificate that does not expire, and then /// change your mind and set an expiration time, an attacker can |