diff options
| author | Justus Winter <justus@sequoia-pgp.org> | 2020-12-14 16:37:33 +0100 |
|---|---|---|
| committer | Justus Winter <justus@sequoia-pgp.org> | 2020-12-14 16:37:33 +0100 |
| commit | 8c50ba96a5434aeefbf44e0d034072dfc6669521 (patch) | |
| tree | 7c6a5d31c22dac12fa97c4545de873a3605c7b2e /openpgp/src/cert/amalgamation/key/iter.rs | |
| parent | 7e57122f0bd6db27c6e2f0c7deac1333256e5146 (diff) | |
openpgp: Change general purpose keys to have a signing subkey.
- Certificates with a primary key that is not signing capable, and a
subkey that is, are strictly more secure than ones that combine
signing and certification capabilities in the primary key.
- If the owner of a certificate with a signing-capable primary key
can be tricked into creating a binary signature over carefully
chosen attacker-controlled data, this signature can be repurposed
to bind arbitrary attacker-controlled components to the
certificate using a chosen-prefix collision attack on the hash
function (see e.g. "SHA-1 is a Shambles" for a similar attack).
- Having a separate signing-subkey mitigates the attack, because
signatures by the signing subkey cannot bind components to the
certificate.
Diffstat (limited to 'openpgp/src/cert/amalgamation/key/iter.rs')
| -rw-r--r-- | openpgp/src/cert/amalgamation/key/iter.rs | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/openpgp/src/cert/amalgamation/key/iter.rs b/openpgp/src/cert/amalgamation/key/iter.rs index 0601c2f0..53a72f79 100644 --- a/openpgp/src/cert/amalgamation/key/iter.rs +++ b/openpgp/src/cert/amalgamation/key/iter.rs @@ -434,7 +434,7 @@ impl<'a, P, R> KeyAmalgamationIter<'a, P, R> /// // Use it. /// # i += 1; /// } - /// # assert_eq!(i, 2); + /// # assert_eq!(i, 3); /// # Ok(()) } /// ``` pub fn supported(mut self) -> Self { @@ -1553,7 +1553,7 @@ impl<'a, P, R> ValidKeyAmalgamationIter<'a, P, R> /// // Use it. /// # i += 1; /// } - /// # assert_eq!(i, 2); + /// # assert_eq!(i, 3); /// # Ok(()) } /// ``` pub fn supported(mut self) -> Self { |