Updated Backups (markdown)
parent
188c06aaea
commit
17a4126dce
|
@ -14,8 +14,9 @@ This is work in progress...
|
|||
* change to chunking of 4 characters
|
||||
|
||||
## Standard
|
||||
* A backup consists of 24 upper case characters from the Latin alphabet grouped into 4-character chunks, e.g., ``TWNK-KDEY-MTWT-EVGS-DRDB-KVTW``. The characters are generated from secure random. The whole backup code including the dashes is used as a string to directly encrypt an OpenPGP message (more precisely: It is used as the symmetric-key for a [Symmetric-Key Encrypted Session Key Packet](http://tools.ietf.org/html/rfc4880#section-5.3), the symmetric-key is thus 29 characters long including the dashes).
|
||||
* The encryption algorithm is one of the standardized OpenPGP symmetric algorithms (in case of OpenKeychain: AES-256)
|
||||
1. All secret and public keys that should be included in the backup MUST be concatenated in their [transferable Key format](http://tools.ietf.org/html/rfc4880#section-11.1).
|
||||
2. A backup code is generated from secure random: The backup code consists of 24 upper case characters from the Latin alphabet grouped into 4-character chunks, e.g., ``TWNK-KDEY-MTWT-EVGS-DRDB-KVTW``. The characters MUST be generated from secure random, such as ``/dev/urandom``.
|
||||
3. The whole backup code including the dashes is directly used as a string to encrypt the concatenated transferable keys as an OpenPGP message (more precisely: It is used as the symmetric-key for a [Symmetric-Key Encrypted Session Key Packet](http://tools.ietf.org/html/rfc4880#section-5.3), the symmetric-key is thus 29 characters long including the dashes). The encryption algorithm MUST be one of the standardized OpenPGP symmetric algorithms (in case of OpenKeychain: AES-256).
|
||||
|
||||
## Saved as a file
|
||||
* When saving backups as a file, ASCII armor MUST be used and a special ASCII armor header MUST be added: ``BackupVersion: 2``
|
||||
|
|
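Review bot: In step 3, "MUST be one of the standardized OpenPGP symmetric algorithms" is too permissive for a key backup. The RFC 4880 algorithm list (section 9.2) also contains ID 0 (plaintext or unencrypted data) and 64-bit-block ciphers such as IDEA, TripleDES and CAST5, so a writer could conform to this text and still produce a weakly protected backup. Suggest naming the allowed set (for example AES-256, as OpenKeychain uses) and stating that importers MUST reject anything else. The same step leaves the S2K specifier unspecified and does not say whether the encrypted data must be integrity protected, both of which an interoperable importer needs to know. In step 2, "generated from secure random" does not say how random bytes become letters. Since the 24 letters are the whole key, it is worth requiring a uniform mapping onto the 26 letters (rejection sampling rather than a plain modulo).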