Hi! On Thu, 2025-03-20 at 10:55:16 +0900, Charles Plessy wrote: > sorry but I am confused... can you explain at a beginner level what is the > difference between a certificate and a "key" in the sense it is used in the > Developers Reference?
Ah, sorry, the OpenPGP working group and as part of that, several of its implementers have been trying to clarify its terminology, and AFAIUI to make it a bit more approachable and to use terms more widely understood. So «certificate» should be taken as a synonym with what was previously known as «Transferable Public Key» (or «public key»), in contrast to a «key» which is understood as a «Transferable Secret Key» (or «secret key»). Which should better match the terminology used for example with TLS/SSL certificates and keys. See <https://www.rfc-editor.org/rfc/rfc9580.html#name-terminology-changes>. (I've CCed Daniel Kahn Gillmor in case I've misrepresented or misstated any of this though, or to give more detail/rationale if needed. :) Thanks, Guillem
