Terminology - certificate or key ?

Andrew Gallagher andrewg at andrewg.com
Fri Sep 30 18:50:01 CEST 2016


The problems always start with the words "public key"...

On 30/09/16 15:22, Werner Koch wrote:
> 
> So for example "lock" and "private key" may be better.

"Lock and key" works for symmetric crypto, because you lock and unlock
with the same key. "Latch and key" is the best analogy I know of to
public key crypto, because anyone can pull a latch closed, but you need
the key to open it again.

It's true that the term "certificate" can imply an unwarranted level of
authority - but that's also true of most things in the real world that
we call "certificates", so I don't think the problem is entirely in the
terminology...! ;-)

Another problem with the signature analogy is that you don't sign with
a "key" in the real world -- but there are other physical objects that
you can "sign" with, such as a signet ring, which is a more intuitive
analogy than "private key". But then what is the "public key" in this
analogy?

There just isn't anything in the physical world that works as a
watertight analogy for the underlying mathematics. The fact that the
same process can be used (with subtle differences) in *both directions*
is where all known analogies come completely unglued...

A

