
Change "Public Key" to "OpenPGP Certificate"
Open, Normal, Public

Description

After a brief chat with dkg on the IRC channel, I should be changing the terminology a little bit:

I always use "OpenPGP certificates" (though I'll introduce the other terms as well) because I think the legacy terminology is an active obstacle to understanding.
A public key is a mathematical object.
A certificate binds together public key(s) and user ID(s) with some types of cryptographically-verifiable certifications.
If you start saying that a certificate *is* both a public key and *contains* a public key, and then you wonder why your readers are confused, it seems like the answer is right there.

So, what I'm suggesting I do is I'm going to change all instances of where we'd normally use "Public Key" in normal parlance (or in reference to those blocks of text we download off the keyserver) as "OpenPGP Certificate."

I'd also like to open up the discussion for any other terminology that might be confusing, if anyone's got input or ideas.
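To make the "certificate binds together public key(s) and user ID(s) with certifications" point concrete, here is an added example (not code from GnuPG, dkg, or the task author) that walks the packet headers of an OpenPGP transferable public key as laid out in RFC 4880 section 4.2 and reports which packet kinds it contains. The function names and the sample certificate are mine: its packet headers are real RFC 4880 headers, but the packet bodies are placeholder bytes, so it parses structurally without being a usable key.

```python
"""Walk the packets of an OpenPGP transferable public key ("certificate").

Added example, not GnuPG project code. It implements the packet-header
rules of RFC 4880 section 4.2 (old- and new-format headers) and counts
the packet types found, showing that the blob a keyserver hands out is
a sequence of packets (key material, user IDs, certifying signatures,
subkeys), not a single public key.
"""

# Packet tags from RFC 4880 section 4.3 (the subset found in a certificate).
PACKET_NAMES = {
    2: "Signature",
    5: "Secret-Key",
    6: "Public-Key",
    7: "Secret-Subkey",
    13: "User ID",
    14: "Public-Subkey",
    17: "User Attribute",
}


def parse_packets(data: bytes):
    """Return a list of (tag, body) tuples for one OpenPGP packet stream.

    Partial body lengths (new format, 224..254) and the old-format
    indeterminate length are rejected: a certificate at rest does not use them.
    """
    packets = []
    pos = 0
    while pos < len(data):
        ctb = data[pos]          # "cipher type byte": the packet header octet
        pos += 1
        if not ctb & 0x80:
            raise ValueError(f"invalid packet header byte at offset {pos - 1}")
        if ctb & 0x40:           # new-format header: tag in the low 6 bits
            tag = ctb & 0x3F
            first = data[pos]
            pos += 1
            if first < 192:      # one-octet length
                length = first
            elif first < 224:    # two-octet length
                length = ((first - 192) << 8) + data[pos] + 192
                pos += 1
            elif first == 255:   # five-octet length
                length = int.from_bytes(data[pos:pos + 4], "big")
                pos += 4
            else:
                raise ValueError("partial body lengths not supported")
        else:                    # old-format header: tag in bits 2..5
            tag = (ctb >> 2) & 0x0F
            length_type = ctb & 0x03
            if length_type == 3:
                raise ValueError("indeterminate length not supported")
            nbytes = 1 << length_type   # 1, 2 or 4 length octets
            length = int.from_bytes(data[pos:pos + nbytes], "big")
            pos += nbytes
        body = data[pos:pos + length]
        if len(body) != length:
            raise ValueError("truncated packet")
        pos += length
        packets.append((tag, body))
    return packets


def summarize_certificate(data: bytes) -> dict:
    """Count the packet kinds that make up a certificate."""
    summary = {}
    for tag, _ in parse_packets(data):
        name = PACKET_NAMES.get(tag, f"tag {tag}")
        summary[name] = summary.get(name, 0) + 1
    return summary


def new_packet(tag: int, body: bytes) -> bytes:
    """Encode a new-format packet header (RFC 4880 4.2.2) in front of body."""
    if len(body) < 192:
        return bytes([0xC0 | tag, len(body)]) + body
    if len(body) < 8384:
        n = len(body) - 192
        return bytes([0xC0 | tag, (n >> 8) + 192, n & 0xFF]) + body
    return bytes([0xC0 | tag, 255]) + len(body).to_bytes(4, "big") + body


# Constructed sample: certificate-shaped packet sequence with placeholder bodies.
SAMPLE_CERT = (
    new_packet(6, b"\x04" + b"\x00" * 4 + b"\x01" + b"\x00" * 40)    # primary public key
    + new_packet(13, b"Alice Example <alice@example.org>")           # user ID
    + new_packet(2, b"\x04\x13" + b"\x00" * 60)                      # self-certification
    + new_packet(14, b"\x04" + b"\x00" * 4 + b"\x01" + b"\x00" * 40)  # encryption subkey
    + new_packet(2, b"\x04\x18" + b"\x00" * 60)                      # subkey binding signature
)

if __name__ == "__main__":
    for name, count in summarize_certificate(SAMPLE_CERT).items():
        print(f"{count} x {name}")
```

Run against a real exported certificate (`gpg --export --output cert.gpg`, then read the file as bytes) the same walker lists the actual packets, and the "Signature" count is where the certifications dkg refers to live.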

Event Timeline

I can only tell that the term "Certificate" is exactly what Kleopatra was trying to use consistently in the GUI. For Kleopatra it is also important because it tries to work with both X509 "certificates" and OpenPGP "public keys".

The problem with that is that the term OpenPGP Key is commonly used all over the internet when OpenPGP is explained. So users were even more confused.

What is the difference between an OpenPGP Key and a Certificate? What is a Public Key? What is the Private Key? Why is there a Private Key for a certificate?

So nowadays in the UI I'm trying to only use "Secret Key" (both for the secret part of X509 and OpenPGP) and otherwise just leave it.

E.g. in GpgOL I'm saying "Resolving Recipients" when I'm trying to figure out the pubkeys to use. And in Kleopatra I just use "Details", "Export" etc. instead of "Export public key" or "Export certificate".

But sure, in documentation that is harder. I would suggest sticking with public key and explaining early on that a public key is sometimes also called certificate. (FWIW in Kleopatra the process of signing a user id is called "certify")

The correct technical term is OpenPGP Public Keyblock but I better shut up on the certificate vs. Public key(block) question.

This comment was removed by JollyRoger.

Whoops, going to repost.

Got it. For now I've been using the term Secret Key versus Public Key, to avoid alliteration. I'll keep with the course for now, but I should try to share one of the things I found:

Among the people I was trying to use GnuPG with, I found that many of them, even the techier types had difficulty with the terminology, especially with respect to the connotations that the term 'key' had. Most of them were confused with the concept of giving away keys, as they often associated keys with the things kept close at hand and never given out to other people because giving away a key meant giving away access.

Certificate though has a nicer connotation to it and definitely feels like it has the connotation of something to be shown off to other people and displayed on walls, which I really like.

I agree that certificate is the better term.

I just found that as it is used so rarely it is oftentimes more confusing to users.
But given that you have the attention of people reading your book you might consider a small paragraph about that problem. Maybe that would be the best.

Sure. I'll mark that to be added!