From 31d64fdb3701b1ab316b7c5a75f50be29b692875 Mon Sep 17 00:00:00 2001 From: Heiko Schaefer Date: Wed, 1 Nov 2023 20:40:35 +0100 Subject: [PATCH 1/6] Fix link syntax --- book/source/02-highlevel.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/book/source/02-highlevel.md b/book/source/02-highlevel.md index 186a08e..35f3cb6 100644 --- a/book/source/02-highlevel.md +++ b/book/source/02-highlevel.md @@ -31,7 +31,7 @@ The origins of OpenPGP can be traced back to *Pretty Good Privacy (PGP)*, a soft The original PGP software played a role in the political struggles sometimes referred to as the ["Crypto Wars"](https://en.wikipedia.org/wiki/Crypto_Wars) (also see ["Crypto: How the Code Rebels Beat the Government Saving Privacy in the Digital" (2002)](https://en.wikipedia.org/wiki/Crypto_(book)), which includes some of PGP's history). -The original PGP software was never under a Free Software license, despite its source code being widely published by its author. [PGP's ownership has changed over the years](https://en.wikipedia.org/wiki/Pretty_Good_Privacy#PGP_Corporation_and_Symantec), and [PGP's scope and suite of products have expanded] (https://en.wikipedia.org/wiki/Pretty_Good_Privacy#PGP_Corporation_encryption_applications). +The original PGP software was never under a Free Software license, despite its source code being widely published by its author. [PGP's ownership has changed over the years](https://en.wikipedia.org/wiki/Pretty_Good_Privacy#PGP_Corporation_and_Symantec), and [PGP's scope and suite of products have expanded](https://en.wikipedia.org/wiki/Pretty_Good_Privacy#PGP_Corporation_encryption_applications). ### Standardizing OpenPGP From 1c9b9d8724f8d16caa123dc141204f0f0f264e0b Mon Sep 17 00:00:00 2001 From: Heiko Schaefer Date: Wed, 1 Nov 2023 20:41:28 +0100 Subject: [PATCH 2/6] Remove stray brace --- book/source/02-highlevel.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/book/source/02-highlevel.md b/book/source/02-highlevel.md index 35f3cb6..e455683 100644 --- a/book/source/02-highlevel.md +++ b/book/source/02-highlevel.md @@ -39,7 +39,7 @@ While PGP was first developed as commercial software, the owner at the time, PGP In July 1997, a process to produce an open standard under the then new name [OpenPGP](https://en.wikipedia.org/wiki/Pretty_Good_Privacy#OpenPGP) was started, resulting in [RFC 2440 "OpenPGP Message Format"](https://datatracker.ietf.org/doc/html/rfc2440), published in November 1998. RFC 2440 describes OpenPGP version 3. -The name OpenPGP can be used freely by implementations, unlike the name PGP, which is a [registered trademark](https://uspto.report/TM/74685229)). +The name OpenPGP can be used freely by implementations, unlike the name PGP, which is a [registered trademark](https://uspto.report/TM/74685229). ### GnuPG, an early Free Software implementation From 5eb6d310cfa2fbdf7905be06ebd10c2d5379bb7c Mon Sep 17 00:00:00 2001 From: Heiko Schaefer Date: Wed, 1 Nov 2023 21:08:21 +0100 Subject: [PATCH 3/6] Fix version claims and add a bit more detail about extensions to 4880. It's not so straightforward: RFC 2440 and 4880 both define OpenPGP version 4 artifacts. So naming versions in the text is tricky. --- book/source/02-highlevel.md | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/book/source/02-highlevel.md b/book/source/02-highlevel.md index e455683..832bc3d 100644 --- a/book/source/02-highlevel.md +++ b/book/source/02-highlevel.md @@ -37,7 +37,7 @@ The original PGP software was never under a Free Software license, despite its s While PGP was first developed as commercial software, the owner at the time, PGP Inc., started a standardization effort with the IETF, first publishing [RFC 1991 "PGP Message Exchange Formats"](https://datatracker.ietf.org/doc/html/rfc1991) in August 1996. -In July 1997, a process to produce an open standard under the then new name [OpenPGP](https://en.wikipedia.org/wiki/Pretty_Good_Privacy#OpenPGP) was started, resulting in [RFC 2440 "OpenPGP Message Format"](https://datatracker.ietf.org/doc/html/rfc2440), published in November 1998. RFC 2440 describes OpenPGP version 3. +In July 1997, a process to produce an open standard under the then new name [OpenPGP](https://en.wikipedia.org/wiki/Pretty_Good_Privacy#OpenPGP) was started, resulting in [RFC 2440 "OpenPGP Message Format"](https://datatracker.ietf.org/doc/html/rfc2440), published in November 1998. The name OpenPGP can be used freely by implementations, unlike the name PGP, which is a [registered trademark](https://uspto.report/TM/74685229). @@ -49,11 +49,15 @@ GnuPG was a major early implementation of OpenPGP. Over the years, the importanc Because the GnuPG program binary is called "gpg," "GnuPG" and "gpg" are often used interchangeably. -## The OpenPGP version 4 era +## The RFC 4880 era ### OpenPGP version 4 -In 2007, the IETF published [RFC 4880](https://datatracker.ietf.org/doc/html/rfc4880), which defined version 4 of the OpenPGP standard. As of late 2023, version 4 is the most commonly used version. +In 2007, the IETF published [RFC 4880](https://datatracker.ietf.org/doc/html/rfc4880), which defines version 4 OpenPGP artifacts. As of late 2023, version 4 is the most commonly used version. + +An extension for Elliptic Curve Cryptography was defined in [RFC 6637](https://www.rfc-editor.org/rfc/rfc6637). + +Some implementations explored other non-standardized extensions. Notably, algorithms based on Curve 25519 were tentatively defined in the [rfc4880bis](https://www.ietf.org/archive/id/draft-ietf-openpgp-rfc4880bis-10.html#name-elliptic-curve-cryptography) document. These algorithms are widely used, even though rfc4880bis has never been finalized as a new version of the standard. (major_implementations)= ### Major implementations of OpenPGP From e4631e2b2375d7f683a2dca82c3343c3bc40c867 Mon Sep 17 00:00:00 2001 From: Heiko Schaefer Date: Wed, 1 Nov 2023 21:16:00 +0100 Subject: [PATCH 4/6] "Zooming in" content was moved to chapters at the end of the book --- book/source/02-highlevel.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/book/source/02-highlevel.md b/book/source/02-highlevel.md index 832bc3d..af539b3 100644 --- a/book/source/02-highlevel.md +++ b/book/source/02-highlevel.md @@ -102,7 +102,7 @@ There is [ongoing work](https://datatracker.ietf.org/doc/draft-wussler-openpgp-p ## Zooming in: Internal structure of OpenPGP data -OpenPGP data is internally structured as "packets." We'll look into examples of this internal structure throughout the following chapters. +OpenPGP data is internally structured as "packets." We'll look into examples of this internal structure in a series of chapters at the end of this document. Getting familiar with the internal format of OpenPGP data is a good way to get familiar with the [RFC](https://datatracker.ietf.org/doc/draft-ietf-openpgp-crypto-refresh/), and it may also come in handy for debugging issues. From 080c88909b6c94e642742bf5e6bfcaf51098db85 Mon Sep 17 00:00:00 2001 From: Heiko Schaefer Date: Wed, 1 Nov 2023 21:16:19 +0100 Subject: [PATCH 5/6] Cut redundancy --- book/source/02-highlevel.md | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/book/source/02-highlevel.md b/book/source/02-highlevel.md index af539b3..621d3f1 100644 --- a/book/source/02-highlevel.md +++ b/book/source/02-highlevel.md @@ -104,8 +104,6 @@ There is [ongoing work](https://datatracker.ietf.org/doc/draft-wussler-openpgp-p OpenPGP data is internally structured as "packets." We'll look into examples of this internal structure in a series of chapters at the end of this document. -Getting familiar with the internal format of OpenPGP data is a good way to get familiar with the [RFC](https://datatracker.ietf.org/doc/draft-ietf-openpgp-crypto-refresh/), and it may also come in handy for debugging issues. - -Gaining some familiarity with the internal structure of OpenPGP data will also help us to read the OpenPGP RFC, which describes the internal structure of OpenPGP packets in full detail. +Getting familiar with the internal format of OpenPGP data is a good way to get familiar with the [RFC](https://datatracker.ietf.org/doc/draft-ietf-openpgp-crypto-refresh/),which describes the internal structure of OpenPGP packets in full detail. It may also come in handy for debugging issues. (Most of the time, however, we will look at OpenPGP artifacts at a higher level of abstraction.) From 139a543db28ec3e8f547da071ac9e6abe2bd0cbb Mon Sep 17 00:00:00 2001 From: "Tammi L. Coles" Date: Fri, 3 Nov 2023 11:59:37 +0100 Subject: [PATCH 6/6] resolve https://codeberg.org/openpgp/notes/pulls/104#issuecomment-1318049 --- book/source/02-highlevel.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/book/source/02-highlevel.md b/book/source/02-highlevel.md index 621d3f1..3dbbb26 100644 --- a/book/source/02-highlevel.md +++ b/book/source/02-highlevel.md @@ -104,6 +104,6 @@ There is [ongoing work](https://datatracker.ietf.org/doc/draft-wussler-openpgp-p OpenPGP data is internally structured as "packets." We'll look into examples of this internal structure in a series of chapters at the end of this document. -Getting familiar with the internal format of OpenPGP data is a good way to get familiar with the [RFC](https://datatracker.ietf.org/doc/draft-ietf-openpgp-crypto-refresh/),which describes the internal structure of OpenPGP packets in full detail. It may also come in handy for debugging issues. +Getting familiar with the internal format of OpenPGP data provides practical insight into the [RFC](https://datatracker.ietf.org/doc/draft-ietf-openpgp-crypto-refresh/), which describes the internal structure of OpenPGP packets in full detail, and may also come in handy for debugging issues. (Most of the time, however, we will look at OpenPGP artifacts at a higher level of abstraction.)