diff options
author | Lars Wirzenius <liw@sequoia-pgp.org> | 2021-11-30 11:00:25 +0200 |
---|---|---|
committer | Lars Wirzenius <liw@sequoia-pgp.org> | 2021-12-03 19:50:39 +0200 |
commit | 79630cb89ba370effd80b83488af73ba22671079 (patch) | |
tree | 08a818bf30eb1305e38347909b34f4a9db17eef7 | |
parent | ef744da4b91576f611f31d1573994d89a7b72546 (diff) | |
download | sq-user-guide-79630cb89ba370effd80b83488af73ba22671079.tar.gz |
style: use pikchr markup for diagrams of PK communication
The output is prettier than ASCII graphics. Use pandoc-filter-diagram
to implement this.
-rw-r--r-- | Makefile | 2 | ||||
-rw-r--r-- | sq-guide.md | 44 |
2 files changed, 31 insertions, 15 deletions
@@ -1,4 +1,4 @@ -PANDOCOPTS = --standalone --number-sections --toc --toc-depth=2 "-Vdate=$(shell git describe)" +PANDOCOPTS = --standalone --number-sections --toc --toc-depth=2 "-Vdate=$(shell git describe)" --filter pandoc-filter-diagram HTMLOPTS = -H sq.css .SUFFIXES: .md .html .pdf diff --git a/sq-guide.md b/sq-guide.md index 2069c86..2c1d8e0 100644 --- a/sq-guide.md +++ b/sq-guide.md @@ -293,12 +293,22 @@ follows. Say Alice wants to send a confidential message to Bob. She encrypts the message using Bob's public key, sends him the encrypted message, and Bob decrypts it using his private key: -```text - Alice | Internet | Bob - | | - Encrypt Message | | Decrypt Message - with Bob's ---> Encrypted Message ---> with Bob's - Public Key | | Private Key +```pikchr +right +A: oval "Alice" +arrow +I: circle radius 2cm "Internet" +arrow +B: oval "Bob" + +move down 0.5cm from A.s +text "encrypt" small "message" small "with Bob's" small "public key" small + +move down 0.5cm from I.s +text "encrypted" small "message" small + +move down 0.5cm from B.s +text "decrypt" small "message" small "with Bob's" small "private key" small ``` How Alice sends the message to Bob doesn't matter. Someone who @@ -392,10 +402,13 @@ way: if Bob can authenticate Alice's key, and a message is signed using Alice's key, then Bob can be confident that the message really came from Alice. -``` - | | - Mallory ---> Message from "Alice" ---> Bob - | | +```pikchr +right +oval "Mallory" +arrow +file width 2.5cm "Message" "from" "\"Alice\"" +arrow +oval "Bob" ``` The second problem, interception, is more subtle and can't be solved @@ -415,10 +428,13 @@ even fool Bob by reencrypting it using Bob's real certificate, and forwarding that version to Bob. Bob will be able to decrypt the message as usual and won't suspect a thing! -``` - | | - Alice ---> Message ---> Mallory ---> Message ---> Bob - | | +```pikchr +right +oval "Alice" +arrow 3cm "Encrypted" below "message" below +oval "Mallory" +arrow 3cm "Re-encrypted" below "message" below +oval "Bob" ``` The only practical way to prevent this type of attack is to |