Skip to main content

pretty Easy privacy (pEp): Privacy by Default

Document Type Replaced Internet-Draft (individual)
Expired & archived
Authors Volker Birk , Hernâni Marques , Bernie Hoeneisen
Last updated 2021-05-06 (Latest revision 2020-11-02)
Replaced by draft-pep-general
RFC stream (None)
Intended RFC status (None)
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Replaced by draft-pep-general
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


The pretty Easy privacy (pEp) model and protocols describe a set of conventions for the automation of operations traditionally seen as barriers to the use and deployment of secure, privacy-preserving end- to-end interpersonal messaging. These include, but are not limited to, key management, key discovery, and private key handling (including peer-to-peer synchronization of private keys and other user data across devices). Human Rights-enabling principles like Data Minimization, End-to-End and Interoperability are explicit design goals. For the goal of usable privacy, pEp introduces means to verify communication between peers and proposes a trust-rating system to denote secure types of communications and signal the privacy level available on a per-user and per-message level. Significantly, the pEp protocols build on already available security formats and message transports (e.g., PGP/MIME with email), and are written with the intent to be interoperable with already widely- deployed systems in order to ease adoption and implementation. This document outlines the general design choices and principles of pEp.


Volker Birk
Hernâni Marques
Bernie Hoeneisen

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)