doc the relationship between PrivateKey and PrivateKeyWithSerialization (#3721) * doc the relationship between PrivateKey and PrivateKeyWithSerialization Or at least do it better. * let's talk about opaque keys

commit: 5bc8c7d801e9134d3de7c793a484ed29ec52aa96 [log] [tgz]
author: Paul Kehrer <paul.l.kehrer@gmail.com> Sat Jun 24 13:21:20 2017 -1000
committer: Alex Gaynor <alex.gaynor@gmail.com> Sat Jun 24 19:21:20 2017 -0400
tree: 527fc6557138f750d4bd591c2ad7e1426d23b11f
parent: 2748e2e4ae923c3d2c29a3a31a702fb85ade0fff [diff] [blame]
diff --git a/docs/glossary.rst b/docs/glossary.rst
index 202fa2d..a630878 100644
--- a/docs/glossary.rst
+++ b/docs/glossary.rst

@@ -72,3 +72,12 @@
         or pseudo-random number (see :doc:`Random number generation
         </random-numbers>`). Since a nonce does not have to be unpredictable,
         it can also take a form of a counter.
+
+    opaque key
+        An opaque key is a type of key that allows you to perform cryptographic
+        operations such as encryption, decryption, signing, and verification,
+        but does not allow access to the key itself. Typically an opaque key is
+        loaded from a `hardware security module`_ (HSM).
+
+
+.. _`hardware security module`: https://en.wikipedia.org/wiki/Hardware_security_module
commit	5bc8c7d801e9134d3de7c793a484ed29ec52aa96	[log] [tgz]
author	Paul Kehrer <paul.l.kehrer@gmail.com>	Sat Jun 24 13:21:20 2017 -1000
committer	Alex Gaynor <alex.gaynor@gmail.com>	Sat Jun 24 19:21:20 2017 -0400
tree	527fc6557138f750d4bd591c2ad7e1426d23b11f
parent	2748e2e4ae923c3d2c29a3a31a702fb85ade0fff [diff] [blame]