diff --git a/book/source/03-highlevel.md b/book/source/03-highlevel.md index ed41b5f..783d099 100644 --- a/book/source/03-highlevel.md +++ b/book/source/03-highlevel.md @@ -2,85 +2,59 @@ ## A very brief history -The OpenPGP standard has evolved over time. +The OpenPGP standard has evolved over time, and remains under active development. (Also see https://www.openpgp.org/about/history/) ### "Pretty Good Privacy (PGP)" -The earliest roots of OpenPGP trace back to *"Pretty Good Privacy (PGP)"*, -a software program, written by Phil Zimmermann and first released in 1991. +The earliest roots of OpenPGP trace back to *"Pretty Good Privacy (PGP)"*, a software program written by [Phil Zimmermann](https://en.wikipedia.org/wiki/Phil_Zimmermann) and first released in 1991. -The original PGP software has played a role in the political struggles sometimes -referred to as the ["Crypto Wars"](https://en.wikipedia.org/wiki/Crypto_Wars) -(also see https://en.wikipedia.org/wiki/Crypto_(book) for some of that history, -including about the history of PGP). +The original PGP software has played a role in the political struggles sometimes referred to as the ["Crypto Wars"](https://en.wikipedia.org/wiki/Crypto_Wars) (also see https://en.wikipedia.org/wiki/Crypto_(book) for some of that history, including about the history of PGP). -The "PGP" software was never under a Free Software license, -even though its source code has at one point been widely published. +The original "PGP" software was never under a Free Software license, even though its source code has at one point been widely published. -The ownership and branding of the product has -[changed over the years](https://en.wikipedia.org/wiki/Pretty_Good_Privacy#PGP_Corporation_and_Symantec), -The software enjoys a continued existence, albeit with -[changing name and scope](https://en.wikipedia.org/wiki/Pretty_Good_Privacy#PGP_Corporation_encryption_applications). +The ownership and branding of the product has [changed over the years](https://en.wikipedia.org/wiki/Pretty_Good_Privacy#PGP_Corporation_and_Symantec). The software enjoys a continued existence, albeit with [changing name and scope](https://en.wikipedia.org/wiki/Pretty_Good_Privacy#PGP_Corporation_encryption_applications). ### Standardizing OpenPGP -While the PGP software was developed as a commercial product, the owner at the time, -"PGP Inc." started a standardization effort with the IETF in July 1997. -The resulting open standard was named -[OpenPGP](https://en.wikipedia.org/wiki/Pretty_Good_Privacy#OpenPGP). +While the original PGP software was developed as a commercial product, the owner at the time, "PGP Inc." started a standardization effort with the IETF in July 1997. +The resulting open standard was named [OpenPGP](https://en.wikipedia.org/wiki/Pretty_Good_Privacy#OpenPGP). -The result of this early standardization work is -[RFC 2440 "OpenPGP Message Format"](https://datatracker.ietf.org/doc/html/rfc2440), -published November 1998. +The result of this early standardization work is [RFC 2440 "OpenPGP Message Format"](https://datatracker.ietf.org/doc/html/rfc2440), published November 1998. RFC 2440 describes OpenPGP version 3. -The name "OpenPGP" can be used freely by implementations (unlike the name -"PGP", which is a [registered trademark](https://uspto.report/TM/74685229)). +The name "OpenPGP" can be used freely by implementations (unlike the name "PGP", which is a [registered trademark](https://uspto.report/TM/74685229)). ### GnuPG, a free software implementation -[First released 1997-12-20](https://gnupg.org/download/release_notes.html#sec-2-70), -GnuPG is an implementation of the OpenPGP standard. +[First released 1997-12-20](https://gnupg.org/download/release_notes.html#sec-2-70), GnuPG is an implementation of the OpenPGP standard. -GnuPG has been the major Free Software implementation of OpenPGP for a period -of time. It has played an important and successful role in the release of NSA -documents by [Edward Snowden](https://theintercept.com/2014/10/28/smuggling-snowden-secrets/). +GnuPG has been the major Free Software implementation of OpenPGP for a period of time. It has played an important (and successful) role in the release of NSA documents by [Edward Snowden](https://theintercept.com/2014/10/28/smuggling-snowden-secrets/). ## The present ### Multiple major implementations -Today, multiple implementations of OpenPGP play an important role: +Today multiple new Free Software implementations of OpenPGP play important roles: -- Protonmail, who provide email encryption services for a large number of users, - use (and maintain) [OpenPGP.js](https://openpgpjs.org/). -- The Thunderbird email software is using the [RNP](https://www.rnpgp.org/) - implementation for their built-in OpenPGP support since version 78 (released in mid-2020). -- The RPM Package Manager software includes an OpenPGP backend based on - [Sequoia PGP](https://sequoia-pgp.org/), a modern OpenPGP implementation in Rust. - Fedora [uses Sequoia PGP in rpm](https://sequoia-pgp.org/blog/2023/04/27/rpm-sequoia/) - since version 38. +- Protonmail, who provide email encryption services for a large number of users, use (and maintain) [OpenPGP.js](https://openpgpjs.org/)as well as [GopenPGP](https://gopenpgp.org/). +- The Thunderbird email software is using the [RNP](https://www.rnpgp.org/) implementation for their built-in OpenPGP support since version 78 (released in mid-2020). +- The RPM Package Manager software includes an OpenPGP backend based on [Sequoia PGP](https://sequoia-pgp.org/), a modern OpenPGP implementation in Rust. Fedora [uses Sequoia PGP in rpm](https://sequoia-pgp.org/blog/2023/04/27/rpm-sequoia/) since version 38. ### OpenPGP version 6 -This document mainly describes OpenPGP version 6, which brings many updates of the core cryptographic mechanisms, -compared to the previous version 4. +This document mainly describes OpenPGP version 6, which brings many updates of the core cryptographic mechanisms, compared to the previous version 4. -As of this writing (in 2023), version 4 of OpenPGP is still most commonly used. -OpenPGP version 4 is described in [RFC 4880](https://datatracker.ietf.org/doc/html/rfc4880). +As of this writing (in 2023), version 4 of OpenPGP is still most commonly used. OpenPGP version 4 is described in [RFC 4880](https://datatracker.ietf.org/doc/html/rfc4880). ## Concepts ### Certificates/Keys -All uses of OpenPGP are centered around (asymmetric) cryptographic key material. -In OpenPGP, cryptographic keys are combined with additional metadata into -"OpenPGP Keys", or "OpenPGP Certificates". +All uses of OpenPGP are centered around (asymmetric) cryptographic key material. In OpenPGP, cryptographic keys are combined with additional metadata into "OpenPGP Keys", or "OpenPGP Certificates". -See chapter "certs" (link) for more on OpenPGP Certificates, and "private" for handling of -private key material in OpenPGP. +See chapter "certs" (link) for more on OpenPGP Certificates, and "private" for handling of private key material in OpenPGP. ### Cryptographic operations @@ -90,3 +64,7 @@ private key material in OpenPGP. ### Internal structure of OpenPGP data OpenPGP data is structured as "packets" (and sometimes "subpackets"), internally. + +## Interoperability + +```describe, and link to interop test suite``` \ No newline at end of file