vanitasvitae/openpgp-notes
1
0
Fork 0
mirror of https://codeberg.org/openpgp/notes.git synced 2024-11-23 16:12:05 +01:00
Code Issues Projects Releases Packages Wiki Activity
openpgp-notes/book/source/03-highlevel.md
Heiko Schaefer 5d5079ccb8
move history and present to ch3
2023-09-15 13:03:59 +02:00

3.1 KiB
Raw Blame History

A high-level view

- ?
- Introduce Packet/Subpacket concepts (?)

A very brief history

The OpenPGP standard has evolved over time.

(Also see https://www.openpgp.org/about/history/)

"Pretty Good Privacy (PGP)"

The earliest roots of OpenPGP trace back to "Pretty Good Privacy (PGP)", a software program, written by Phil Zimmermann and first released in 1991.

The original PGP software has played a role in the political struggles sometimes referred to as the "Crypto Wars" (also see https://en.wikipedia.org/wiki/Crypto_(book) for some of that history, including about the history of PGP).

The "PGP" software was never under a Free Software license, even though its source code has at one point been widely published.

The ownership and branding of the product has changed over the years, The software enjoys a continued existence, albeit with changing name and scope.

Standardizing OpenPGP

While the PGP software was developed as a commercial product, the owner at the time, "PGP Inc." started a standardization effort with the IETF in July 1997. The resulting open standard was named OpenPGP.

The result of this early standardization work is RFC 2440 "OpenPGP Message Format", published November 1998.

The name "OpenPGP" can be used freely by implementations (unlike the name "PGP", which is a registered trademark).

GnuPG, a free software implementation

First released 1997-12-20, GnuPG is an implementation of the OpenPGP standard.

GnuPG has been the major Free Software implementation of OpenPGP for a period of time. It has played an important and successful role in the release of NSA documents by Edward Snowden.

The present

Multiple major implementations

Today, multiple implementations of OpenPGP play an important role:

  • Protonmail, who provide email encryption services for a large number of users, use (and maintain) OpenPGP.js.
  • The Thunderbird email software is using the RNP implementation for their built-in OpenPGP support since version 78 (released in mid-2020).
  • The RPM Package Manager software includes an OpenPGP backend based on Sequoia PGP, a modern OpenPGP implementation in Rust. Fedora uses Sequoia PGP in rpm since version 38.

OpenPGP version 6

This document mainly describes OpenPGP version 6, which brings many updates of the core cryptographic mechanisms, compared to the previous version 4.

As of this writing (in 2023), version 4 of OpenPGP is still most commonly used. OpenPGP version 4 is described in RFC 4880.