Revise section on key format

vladimir-v-diaz · vladimir-v-diaz · commit 483c1e260798 · 2017-12-04T11:13:00.000-05:00
Signed-off-by: Vladimir Diaz &lt;vladimir.v.diaz@gmail.com&gt;
diff --git a/tuf-spec.md b/tuf-spec.md
@@ -463,58 +463,62 @@ Version: **1.0 (Draft)**
        }
 
    where: ROLE is a dictionary whose "_type" field describes the role type.
+
           KEYID is the identifier of the key signing the ROLE dictionary.
+
           SIGNATURE is a signature of the canonical JSON form of ROLE.
 
-   The current reference implementation defines two signature schemes,
-   although TUF is not restricted to any particular signature scheme,
-   key type, or cryptographic library:
 
-       "rsassa-pss-sha256" : RSA Probabilistic signature scheme with appendix.
-          The underlying hash function is SHA256.
+   All keys have the format:
 
-       "ed25519" : Elliptic curve digital signature algorithm based on Twisted
-          Edwards curves.
+        { "keytype" : KEYTYPE,
+          "scheme" : SCHEME,
+          "keyval" : KEYVAL
+        }
 
-        "ecdsa-sha2-nistp256" : Elliptic Curve Digital Signature Algorithm
-           with NIST P-256 curve signing and SHA-256 hashing.
+   where: KEYTYPE is a string denoting a public key signature system, such
+          as RSA or ECDSA.
 
-   rsassa-pss: https://tools.ietf.org/html/rfc3447#page-29
+          SCHEME is a string denoting a corresponding signature scheme.  For
+          example: "rsassa-pss-sha256" and "ecdsa-sha2-nistp256".
 
-   ed25519: https://ed25519.cr.yp.to/
+          KEYVAL is a dictionary containing the public portion of the key.
 
-   ecdsa: https://en.wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm
+   The reference implementation defines three signature schemes, although TUF
+   is not restricted to any particular signature scheme, key type, or
+   cryptographic library:
 
-   All keys have the format:
+       "rsassa-pss-sha256" : RSA Probabilistic signature scheme with appendix.
+        The underlying hash function is SHA256.
+        https://tools.ietf.org/html/rfc3447#page-29
 
-        { "keytype" : KEYTYPE,
-          "scheme" : SCHEME,
-          "keyval" : KEYVAL
-        }
+       "ed25519" : Elliptic curve digital signature algorithm based on Twisted
+        Edwards curves.
+        https://ed25519.cr.yp.to/
 
-   where KEYTYPE is a string describing the type of the key and how it's
-   used to sign documents.  The type determines the interpretation of
-   KEYVAL.
+        "ecdsa-sha2-nistp256" : Elliptic Curve Digital Signature Algorithm
+         with NIST P-256 curve signing and SHA-256 hashing.
+         https://en.wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm
 
-   We define three keytypes below: 'rsa', 'ed25519', and 'ecdsa'.  However, TUF
-   places no restrictions on cryptographic keys.  Adopters can use any
-   particular keytype, signing scheme, and cryptographic library.
+   We define three keytypes below: 'rsa', 'ed25519', and 'ecdsa', but adopters
+   can define and use any particular keytype, signing scheme, and cryptographic
+   library.
 
    The 'rsa' format is:
 
         { "keytype" : "rsa",
           "scheme" : "rsassa-pss-sha256",
-          "keyval" : { "public" : PUBLIC}
+          "keyval" : {"public" : PUBLIC}
         }
 
-   where PUBLIC is in PEM format and a string.  All RSA keys
-   must be at least 2048 bits.
+   where PUBLIC is in PEM format and a string.  All RSA keys must be at least
+   2048 bits.
 
    The 'ed25519' format is:
 
         { "keytype" : "ed25519",
           "scheme" : "ed25519",
-          "keyval" : { "public" : PUBLIC}
+          "keyval" : {"public" : PUBLIC}
         }
 
    where PUBLIC is a 32-byte string.
@@ -523,7 +527,7 @@ Version: **1.0 (Draft)**
 
         { "keytype" : "ecdsa-sha2-nistp256",
           "scheme" : "ecdsa-sha2-nistp256",
-          "keyval" : { "public" : PUBLIC}
+          "keyval" : {"public" : PUBLIC}
         }
 
    where PUBLIC is in PEM format and a string.
