Technical Summary
This document specifies the message formats used in OpenPGP. OpenPGP
provides encryption with public-key or symmetric cryptographic
algorithms, digital signatures, compression and key management.
This document is maintained in order to publish all necessary
information needed to develop interoperable applications based on the
OpenPGP format. It is not a step-by-step cookbook for writing an
application. It describes only the format and methods needed to
read, check, generate, and write conforming packets crossing any
network. It does not deal with storage and implementation questions.
It does, however, discuss implementation issues necessary to avoid
security flaws.
This document obsoletes: RFC 4880 (OpenPGP), RFC 5581 (Camellia in
OpenPGP) and RFC 6637 (Elliptic Curves in OpenPGP).
Working Group Summary
This draft is the sole deliverable of the currently chartered OPENPGP WG reopened in 2020. The OPENPGP WG previously closed in 2017 without finishing this deliverable.
In 2021, the WG adopted the document largely based on this prior work. In 2022, an alternative to this WG document was proposed (draft-koch-openpgp-2015-rfc4880bis) by a significant implementer. The WG consensus was to continue ahead with this document. See
https://mailarchive.ietf.org/arch/msg/openpgp/PWp3ZcZ_qnDNLhuT-zR7gA2ddeg/.
In October 2023 during the second WG last call, this same implementer raised concerns about backwards compatibility. See
https://mailarchive.ietf.org/arch/msg/openpgp/BLgKYP9CbGtMsIJRV3Ws9jh57Tw/ and https://mailarchive.ietf.org/arch/msg/openpgp/moMPKZj83kmr5x2Zd9uGGUqxIS8/. The WG consensus was to continue with publication.
These and related concerns were raised in IETF Last Call. See https://mailarchive.ietf.org/arch/msg/last-call/H6RmSWvc5LOcJjSig-i4awjQFFw/. The WG chairs summarized the situation in https://mailarchive.ietf.org/arch/msg/last-call/b5LQGVlvWvudI3qF42ntvd8wblU/ as:
==[ snip ]==
... the main developer of a significant implementation is in the "rough"
part of ... consensus ... the WG did explicitly consider [the identified concerns] during the work.
==[ snip ]==
Document Quality
There are multiple implementations that were used to produce the examples in the draft.
The OpenPGP interoperability test suite is
coordinated by the Sequoia project at:
https://tests.sequoia-pgp.org/
Personnel
The Document Shepherd for this document is Stephen Farrell. The
Responsible Area Director is Roman Danyliw.