diff --git a/book/source/01-intro.md b/book/source/01-intro.md index e5ce2c4..ff961af 100644 --- a/book/source/01-intro.md +++ b/book/source/01-intro.md @@ -18,74 +18,3 @@ software. OpenPGP is an open standard, there are many widely used (and [interoperable](https://tests.sequoia-pgp.org/)) implementations. - -## A very brief history - -The OpenPGP standard has evolved over time. - -(Also see https://www.openpgp.org/about/history/) - -### "Pretty Good Privacy (PGP)" - -The earliest roots of OpenPGP trace back to *"Pretty Good Privacy (PGP)"*, -a software program, written by Phil Zimmermann and first released in 1991. - -The original PGP software has played a role in the political struggles sometimes -referred to as the ["Crypto Wars"](https://en.wikipedia.org/wiki/Crypto_Wars) -(also see https://en.wikipedia.org/wiki/Crypto_(book) for some of that history, -including about the history of PGP). - -The "PGP" software was never under a Free Software license, -even though its source code has at one point been widely published. - -The ownership and branding of the product has -[changed over the years](https://en.wikipedia.org/wiki/Pretty_Good_Privacy#PGP_Corporation_and_Symantec), -The software enjoys a continued existence, albeit with -[changing name and scope](https://en.wikipedia.org/wiki/Pretty_Good_Privacy#PGP_Corporation_encryption_applications). - - -### Standardizing OpenPGP - -While the PGP software was developed as a commercial product, the owner at the time, -"PGP Inc." started a standardization effort with the IETF in July 1997. -The resulting open standard was named -[OpenPGP](https://en.wikipedia.org/wiki/Pretty_Good_Privacy#OpenPGP). - -The result of this early standardization work is -[RFC 2440 "OpenPGP Message Format"](https://datatracker.ietf.org/doc/html/rfc2440), -published November 1998. - -The name "OpenPGP" can be used freely by implementations (unlike the name -"PGP", which is a [registered trademark](https://uspto.report/TM/74685229)). - -### GnuPG, a free software implementation - -[First released 1997-12-20](https://gnupg.org/download/release_notes.html#sec-2-70), -GnuPG is an implementation of the OpenPGP standard. - -GnuPG has been the major Free Software implementation of OpenPGP for a period -of time. It has played an important and successful role in the release of NSA -documents by [Edward Snowden](https://theintercept.com/2014/10/28/smuggling-snowden-secrets/). - -## The present - -### Multiple major implementations - -Today, multiple implementations of OpenPGP play an important role: - -- Protonmail, who provide email encryption services for a large number of users, - use (and maintain) [OpenPGP.js](https://openpgpjs.org/). -- The Thunderbird email software is using the [RNP](https://www.rnpgp.org/) - implementation for their built-in OpenPGP support since version 78 (released in mid-2020). -- The RPM Package Manager software includes an OpenPGP backend based on - [Sequoia PGP](https://sequoia-pgp.org/), a modern OpenPGP implementation in Rust. - Fedora [uses Sequoia PGP in rpm](https://sequoia-pgp.org/blog/2023/04/27/rpm-sequoia/) - since version 38. - -### OpenPGP version 6 - -This document mainly describes OpenPGP version 6, which brings many updates of the core cryptographic mechanisms, -compared to the previous version 4. - -As of this writing (in 2023), version 4 of OpenPGP is still most commonly used. -OpenPGP version 4 is described in [RFC 4880](https://datatracker.ietf.org/doc/html/rfc4880). diff --git a/book/source/03-highlevel.md b/book/source/03-highlevel.md index 1a073ec..764bf67 100644 --- a/book/source/03-highlevel.md +++ b/book/source/03-highlevel.md @@ -4,3 +4,74 @@ - ? - Introduce Packet/Subpacket concepts (?) ``` + +## A very brief history + +The OpenPGP standard has evolved over time. + +(Also see https://www.openpgp.org/about/history/) + +### "Pretty Good Privacy (PGP)" + +The earliest roots of OpenPGP trace back to *"Pretty Good Privacy (PGP)"*, +a software program, written by Phil Zimmermann and first released in 1991. + +The original PGP software has played a role in the political struggles sometimes +referred to as the ["Crypto Wars"](https://en.wikipedia.org/wiki/Crypto_Wars) +(also see https://en.wikipedia.org/wiki/Crypto_(book) for some of that history, +including about the history of PGP). + +The "PGP" software was never under a Free Software license, +even though its source code has at one point been widely published. + +The ownership and branding of the product has +[changed over the years](https://en.wikipedia.org/wiki/Pretty_Good_Privacy#PGP_Corporation_and_Symantec), +The software enjoys a continued existence, albeit with +[changing name and scope](https://en.wikipedia.org/wiki/Pretty_Good_Privacy#PGP_Corporation_encryption_applications). + + +### Standardizing OpenPGP + +While the PGP software was developed as a commercial product, the owner at the time, +"PGP Inc." started a standardization effort with the IETF in July 1997. +The resulting open standard was named +[OpenPGP](https://en.wikipedia.org/wiki/Pretty_Good_Privacy#OpenPGP). + +The result of this early standardization work is +[RFC 2440 "OpenPGP Message Format"](https://datatracker.ietf.org/doc/html/rfc2440), +published November 1998. + +The name "OpenPGP" can be used freely by implementations (unlike the name +"PGP", which is a [registered trademark](https://uspto.report/TM/74685229)). + +### GnuPG, a free software implementation + +[First released 1997-12-20](https://gnupg.org/download/release_notes.html#sec-2-70), +GnuPG is an implementation of the OpenPGP standard. + +GnuPG has been the major Free Software implementation of OpenPGP for a period +of time. It has played an important and successful role in the release of NSA +documents by [Edward Snowden](https://theintercept.com/2014/10/28/smuggling-snowden-secrets/). + +## The present + +### Multiple major implementations + +Today, multiple implementations of OpenPGP play an important role: + +- Protonmail, who provide email encryption services for a large number of users, + use (and maintain) [OpenPGP.js](https://openpgpjs.org/). +- The Thunderbird email software is using the [RNP](https://www.rnpgp.org/) + implementation for their built-in OpenPGP support since version 78 (released in mid-2020). +- The RPM Package Manager software includes an OpenPGP backend based on + [Sequoia PGP](https://sequoia-pgp.org/), a modern OpenPGP implementation in Rust. + Fedora [uses Sequoia PGP in rpm](https://sequoia-pgp.org/blog/2023/04/27/rpm-sequoia/) + since version 38. + +### OpenPGP version 6 + +This document mainly describes OpenPGP version 6, which brings many updates of the core cryptographic mechanisms, +compared to the previous version 4. + +As of this writing (in 2023), version 4 of OpenPGP is still most commonly used. +OpenPGP version 4 is described in [RFC 4880](https://datatracker.ietf.org/doc/html/rfc4880).