mirror of
https://codeberg.org/openpgp/notes.git
synced 2024-11-30 03:22:06 +01:00
Merge pull request 'minor edits for ch2' (#104) from heiko-ch2 into draft
Reviewed-on: https://codeberg.org/openpgp/notes/pulls/104
This commit is contained in:
commit
cb5738658d
1 changed files with 11 additions and 9 deletions
|
@ -31,15 +31,15 @@ The origins of OpenPGP can be traced back to *Pretty Good Privacy (PGP)*, a soft
|
|||
|
||||
The original PGP software played a role in the political struggles sometimes referred to as the ["Crypto Wars"](https://en.wikipedia.org/wiki/Crypto_Wars) (also see ["Crypto: How the Code Rebels Beat the Government Saving Privacy in the Digital" (2002)](https://en.wikipedia.org/wiki/Crypto_(book)), which includes some of PGP's history).
|
||||
|
||||
The original PGP software was never under a Free Software license, despite its source code being widely published by its author. [PGP's ownership has changed over the years](https://en.wikipedia.org/wiki/Pretty_Good_Privacy#PGP_Corporation_and_Symantec), and [PGP's scope and suite of products have expanded] (https://en.wikipedia.org/wiki/Pretty_Good_Privacy#PGP_Corporation_encryption_applications).
|
||||
The original PGP software was never under a Free Software license, despite its source code being widely published by its author. [PGP's ownership has changed over the years](https://en.wikipedia.org/wiki/Pretty_Good_Privacy#PGP_Corporation_and_Symantec), and [PGP's scope and suite of products have expanded](https://en.wikipedia.org/wiki/Pretty_Good_Privacy#PGP_Corporation_encryption_applications).
|
||||
|
||||
### Standardizing OpenPGP
|
||||
|
||||
While PGP was first developed as commercial software, the owner at the time, PGP Inc., started a standardization effort with the IETF, first publishing [RFC 1991 "PGP Message Exchange Formats"](https://datatracker.ietf.org/doc/html/rfc1991) in August 1996.
|
||||
|
||||
In July 1997, a process to produce an open standard under the then new name [OpenPGP](https://en.wikipedia.org/wiki/Pretty_Good_Privacy#OpenPGP) was started, resulting in [RFC 2440 "OpenPGP Message Format"](https://datatracker.ietf.org/doc/html/rfc2440), published in November 1998. RFC 2440 describes OpenPGP version 3.
|
||||
In July 1997, a process to produce an open standard under the then new name [OpenPGP](https://en.wikipedia.org/wiki/Pretty_Good_Privacy#OpenPGP) was started, resulting in [RFC 2440 "OpenPGP Message Format"](https://datatracker.ietf.org/doc/html/rfc2440), published in November 1998.
|
||||
|
||||
The name OpenPGP can be used freely by implementations, unlike the name PGP, which is a [registered trademark](https://uspto.report/TM/74685229)).
|
||||
The name OpenPGP can be used freely by implementations, unlike the name PGP, which is a [registered trademark](https://uspto.report/TM/74685229).
|
||||
|
||||
### GnuPG, an early Free Software implementation
|
||||
|
||||
|
@ -49,11 +49,15 @@ GnuPG was a major early implementation of OpenPGP. Over the years, the importanc
|
|||
|
||||
Because the GnuPG program binary is called "gpg," "GnuPG" and "gpg" are often used interchangeably.
|
||||
|
||||
## The OpenPGP version 4 era
|
||||
## The RFC 4880 era
|
||||
|
||||
### OpenPGP version 4
|
||||
|
||||
In 2007, the IETF published [RFC 4880](https://datatracker.ietf.org/doc/html/rfc4880), which defined version 4 of the OpenPGP standard. As of late 2023, version 4 is the most commonly used version.
|
||||
In 2007, the IETF published [RFC 4880](https://datatracker.ietf.org/doc/html/rfc4880), which defines version 4 OpenPGP artifacts. As of late 2023, version 4 is the most commonly used version.
|
||||
|
||||
An extension for Elliptic Curve Cryptography was defined in [RFC 6637](https://www.rfc-editor.org/rfc/rfc6637).
|
||||
|
||||
Some implementations explored other non-standardized extensions. Notably, algorithms based on Curve 25519 were tentatively defined in the [rfc4880bis](https://www.ietf.org/archive/id/draft-ietf-openpgp-rfc4880bis-10.html#name-elliptic-curve-cryptography) document. These algorithms are widely used, even though rfc4880bis has never been finalized as a new version of the standard.
|
||||
|
||||
(major_implementations)=
|
||||
### Major implementations of OpenPGP
|
||||
|
@ -98,10 +102,8 @@ There is [ongoing work](https://datatracker.ietf.org/doc/draft-wussler-openpgp-p
|
|||
|
||||
## Zooming in: Internal structure of OpenPGP data
|
||||
|
||||
OpenPGP data is internally structured as "packets." We'll look into examples of this internal structure throughout the following chapters.
|
||||
OpenPGP data is internally structured as "packets." We'll look into examples of this internal structure in a series of chapters at the end of this document.
|
||||
|
||||
Getting familiar with the internal format of OpenPGP data is a good way to get familiar with the [RFC](https://datatracker.ietf.org/doc/draft-ietf-openpgp-crypto-refresh/), and it may also come in handy for debugging issues.
|
||||
|
||||
Gaining some familiarity with the internal structure of OpenPGP data will also help us to read the OpenPGP RFC, which describes the internal structure of OpenPGP packets in full detail.
|
||||
Getting familiar with the internal format of OpenPGP data provides practical insight into the [RFC](https://datatracker.ietf.org/doc/draft-ietf-openpgp-crypto-refresh/), which describes the internal structure of OpenPGP packets in full detail, and may also come in handy for debugging issues.
|
||||
|
||||
(Most of the time, however, we will look at OpenPGP artifacts at a higher level of abstraction.)
|
||||
|
|
Loading…
Reference in a new issue