openpgp-workshop/index.md

@@ -14,6 +14,14 @@ developed by Phil Zimmermann in the 1990s.
 
 * Uses asymmetric / public key cryptography
 
+<!--
+What are some useful ways we can use OpenPGP:
+    * Email encryption and signing
+    * Signing git commits
+    * SSH
+    * Password management
+-->
+
 ---
 
 ## Implementations
@@ -151,21 +159,18 @@ developed by Phil Zimmermann in the 1990s.
 ---
 ## Advanced - cold / virtualization
 
-* Can use `gpg` / `sq` / `keyfork`
+* Can use `gpg` / `sq` / `keyfork` to derive
+
+* Key is to derive keys in a secure environment:
+    * Airgapped system (preferred)
+    * Virtual machine on a hypervisor via hardware virtualization (ok for some threat models)
 
 * [Hashbang GPG Guide](https://book.hashbang.sh/docs/security/key-management/gnupg/): helpful guide for GPG - good resource for beginners who want to do the advanced setup
 
 * [openpgp-card-tools](https://codeberg.org/openpgp-card/openpgp-card-tools): great for loading keys onto smart cards
-
+    * Can use a variety of smart cards: NitroKey3, SoloKey, Yubikey
-* Can use a variety of smart cards: NitroKey3, SoloKey, Yubikey
         * NitroKey and SoloKey are fully open which is great for verifiability - may requires flashing firmware
 
-* [openpgp-card-tools](https://codeberg.org/openpgp-card/openpgp-card-tools) is helpful for loading the card
-
-* Airgapped system (preferred)
-
-* Virtual machine on a hypervisor via hardware virtualization (ok for some threat models)
-
 ---
 
 ## Backup Trick 🧙