From 8e076cce41095c7bc5601c85fad0626e35bf9136 Mon Sep 17 00:00:00 2001
From: davidsarah <>
Date: Tue, 4 May 2010 20:00:57 +0000
Subject: [PATCH] public key algorithm -> signature algorithm (signatures don't
 necessarily require trapdoor public key crypto)

[Imported from Trac: page NewMutableEncodingDesign, version 19]
---
 NewMutableEncodingDesign.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/NewMutableEncodingDesign.md b/NewMutableEncodingDesign.md
index 3752359..bfa8496 100644
--- a/NewMutableEncodingDesign.md
+++ b/NewMutableEncodingDesign.md
@@ -160,7 +160,7 @@ The dirnode encoding would use H(writecap) to protect the child writecaps,
 H(readcap) to protect the child readcaps, and H(traversapcap) to protect the
 child verifycap/traversalcaps.
 
-## Any public key algorithm, no semi-private keys, no traversalcap
+## Any signature algorithm, no semi-private keys, no traversalcap
 
 Without semi-private keys, we need something more complicated to protect the
 readkey: the only thing that can be mathematically derived from the writecap
@@ -199,7 +199,7 @@ with keys shorter than 2*K for a K-bit security level. Since we can use shorter
 hashes than public keys, the H(pubkey) design above gives us shorter read caps,
 although they are not shorter than using semi-private keys.
 
-### Any public key algorithm, no semi-private keys, with traversalcap
+### Any signature algorithm, no semi-private keys, with traversalcap
 
 Since a secure pubkey identifier (either H(pubkey)[:K+T] or the original privkey)
 is present in all caps, it's easy to insert arbitrary intermediate levels. It