From 4e27aa68ae994c677513ab03b692a45ea14000de Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dominik=20Sch=C3=BCrmann?= Date: Thu, 7 Jan 2016 16:32:30 +0100 Subject: [PATCH] Updated Backups (markdown) --- Backups.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Backups.md b/Backups.md index deb3482..813b7e7 100644 --- a/Backups.md +++ b/Backups.md @@ -15,7 +15,7 @@ This is work in progress... ## Standard 1. All secret and public keys that should be included in the backup MUST be concatenated in their [transferable key format](http://tools.ietf.org/html/rfc4880#section-11.1). -2. A backup code is generated from secure random: The backup code consists of 24 upper case characters and numbers without ``O`` and ``0`` (``123456789ABCDEFGHIJKLMNPQRSTUVWXYZ``) from the Latin alphabet grouped into 4-character chunks, e.g., ``TWNK-KD5Y-MT3T-E1GS-DRDB-KVTW``. The characters MUST be generated from secure random, such as ``/dev/urandom``. +2. A backup code is generated from secure random: The backup code consists of 24 upper case characters from the Latin alphabet and numbers without ``O`` and ``0`` (``123456789ABCDEFGHIJKLMNPQRSTUVWXYZ``) grouped into 4-character chunks, e.g., ``TWNK-KD5Y-MT3T-E1GS-DRDB-KVTW``. The characters MUST be generated from secure random, such as ``/dev/urandom``. 3. The whole backup code including the dashes is directly used as a string to encrypt the concatenated transferable keys as an OpenPGP message (more precisely: It is used as the symmetric-key for a [Symmetric-Key Encrypted Session Key Packet](http://tools.ietf.org/html/rfc4880#section-5.3), the symmetric-key is thus 29 characters long including the dashes). The encryption algorithm MUST be one of the standardized OpenPGP symmetric algorithms (in case of OpenKeychain: AES-256). ## Saved as a file