The earliest roots of OpenPGP trace back to *"Pretty Good Privacy (PGP)"*, a software program written by [Phil Zimmermann](https://en.wikipedia.org/wiki/Phil_Zimmermann) and first released in 1991.
The original PGP software has played a role in the political struggles sometimes referred to as the ["Crypto Wars"](https://en.wikipedia.org/wiki/Crypto_Wars) (also see https://en.wikipedia.org/wiki/Crypto_(book) for some of that history, including about the history of PGP).
The ownership and branding of the product has [changed over the years](https://en.wikipedia.org/wiki/Pretty_Good_Privacy#PGP_Corporation_and_Symantec). The software enjoys a continued existence, albeit with [changing name and scope](https://en.wikipedia.org/wiki/Pretty_Good_Privacy#PGP_Corporation_encryption_applications).
While the original PGP software was developed as a commercial product, the owner at the time, "PGP Inc." started a standardization effort with the IETF in July 1997.
The resulting open standard was named [OpenPGP](https://en.wikipedia.org/wiki/Pretty_Good_Privacy#OpenPGP).
The result of this early standardization work is [RFC 2440 "OpenPGP Message Format"](https://datatracker.ietf.org/doc/html/rfc2440), published November 1998. RFC 2440 describes OpenPGP version 3.
GnuPG has been the major Free Software implementation of OpenPGP for a period of time. It has played an important (and successful) role in the release of NSA documents by [Edward Snowden](https://theintercept.com/2014/10/28/smuggling-snowden-secrets/).
Note: The terms "pgp key" and "gpg key" are sometimes used interchangeably. Since both PGP and GnuPG are just some out of many existing OpenPGP implementations, the proper term to use is "OpenPGP key" (or "OpenPGP certificate", more on that later [link]).
- Protonmail, who provide email encryption services for a large number of users, use (and maintain) [OpenPGP.js](https://openpgpjs.org/) as well as [GopenPGP](https://gopenpgp.org/).
- The Thunderbird email software is using the [RNP](https://www.rnpgp.org/) implementation for their built-in OpenPGP support since version 78 (released in mid-2020).
- The RPM Package Manager software includes an OpenPGP backend based on [Sequoia PGP](https://sequoia-pgp.org/), a modern OpenPGP implementation in Rust. Fedora [uses Sequoia PGP in rpm](https://sequoia-pgp.org/blog/2023/04/27/rpm-sequoia/) since version 38.
As of this writing (in 2023), [version 6 of OpenPGP](https://datatracker.ietf.org/doc/draft-ietf-openpgp-crypto-refresh/) is approaching publication as an RFC.
The working group's [charter](https://datatracker.ietf.org/wg/openpgp/about/#autoid-1) centers around updating the cryptographic mechanisms, adding new algorithms, and deprecation of obsolete algorithms.
Use of OpenPGP is centered around (asymmetric) cryptographic keys. In OpenPGP, these keys are combined with additional metadata into "OpenPGP certificates" - also often referred to as "OpenPGP keys."
See the [certificates chapter](certificates_chapter) for more on OpenPGP certificates, and their internal makeup, and the [private key chapter](private_key_chapter) for handling of private key material in OpenPGP.
Other important topics around certificates are their management, authentication, and trust models. We will only touch on those, in this document.
OpenPGP has been defined as a standard with the express goal of enabling multiple parties to build interoperable implementations. This has already been a success early on, but in recent years, there has been [much development of new implementations]((major_implementations)).
While interoperability has been an informal goal in the OpenPGP space since the initial standardization, since 2019 the Sequoia project is maintaining and operating the more formal ["OpenPGP interoperability test suite"](https://tests.sequoia-pgp.org/). This test suite has identified numerous [issues](https://gitlab.com/sequoia-pgp/openpgp-interoperability-test-suite#hall-of-fame).
