Open Specification for Pretty Good Privacy (openpgp) Internet Drafts

 Post-Quantum Cryptography in OpenPGP
 Date: 06/02/2025
 Authors: Stavros Kousidis, Johannes Roth, Falko Strenzke, Aron Wussler
 Working Group: Open Specification for Pretty Good Privacy (openpgp)
This document defines a post-quantum public-key algorithm extension for the OpenPGP protocol. Given the generally assumed threat of a cryptographically relevant quantum computer, this extension provides a basis for long-term secure OpenPGP signatures and ciphertexts. Specifically, it defines composite public-key encryption based on ML-KEM (formerly CRYSTALS-Kyber), composite public-key signatures based on ML-DSA (formerly CRYSTALS-Dilithium), both in combination with elliptic curve cryptography, and SLH-DSA (formerly SPHINCS+) as a standalone public key signature scheme.
 Persistent Symmetric Keys in OpenPGP
 Date: 30/01/2025
 Authors: Daniel Huigens
 Working Group: Open Specification for Pretty Good Privacy (openpgp)
This document defines new algorithms for the OpenPGP standard (RFC 9580) to support persistent symmetric keys, for message encryption using authenticated encryption with additional data (AEAD) and for authentication with hash-based message authentication codes (HMAC). This enables the use of symmetric cryptography for data storage (and other contexts that do not require asymmetric cryptography), for improved performance, smaller keys, and improved resistance to quantum computing.
 OpenPGP Key Replacement
 Date: 03/02/2025
 Authors: Daphne Shaw, Andrew Gallagher
 Working Group: Open Specification for Pretty Good Privacy (openpgp)
This document specifies a method in OpenPGP to suggest a replacement for an expired, revoked, or deprecated primary key.



Open Specification for Pretty Good Privacy (openpgp)

WG Name Open Specification for Pretty Good Privacy
Acronym openpgp
Area Security Area (sec)
State Active
Charter charter-ietf-openpgp-04 Approved
Status update Changed 2016-07-20
Document dependencies
Additional resources Chair's message about using gitlab for document development
Get a new gitlab login, or sign in to an existing one
Issue tracker for revision of RFC 4880
Quickstart guide for gitlab
Working gitlab repository for revision of RFC 4880
Zulip stream
Personnel Chairs Daniel Kahn Gillmor, Stephen Farrell
Area Director Paul Wouters
Mailing list Address
To subscribe
Chat Room address

Charter for Working Group

OpenPGP standardized mechanisms for object encryption, object signing, and identity certification.

The working group is chartered to work on improvements and additions to the OpenPGP format and ecosystem to address certain issues that have been identified by the community, as set out in the list of in-scope topics below. Due to the WG having been dormant for a number of years, there is somewhat of a backlog of topics, and as addressing all of these topics at once seems difficult, the WG will follow the process defined below to prioritize current lists of milestones, selected from this long list of in-scope topics.

In-scope Topics

The working group will produce a number of specifications that are adjacent to the OpenPGP specification and provide guidance to OpenPGP libraries and/or applications.
These improvements may include:

Security improvements

  • Post-Quantum Cryptography (PQC): The addition and facilitation of post-quantum algorithms for encryption and signing (using draft-wussler-openpgp-pqc as initial input).

  • Forward secrecy: enable encrypted OpenPGP communication that cannot be decrypted when long-term keys are compromised.

  • Context binding: facilitate domain separation for signing and/or encryption.

New functionality

Network-based Key Discovery Mechanisms

Key Verification Mechanisms

  • Web-of-Trust (WoT): Specifying semantics for the WoT calculus (using the OpenPGP Web of Trust draft as initial input).

  • Key Transparency: in collaboration with the Key Transparency Working Group, e.g., integrating its outputs.

  • Key Verification: Improved manual key verification, for example using a QR code.

Miscellaneous Cleanup Work

  • Semantics: Define semantics of mechanisms provided by OpenPGP.
    This includes, but is not limited to, defining validity of signatures, acceptance and placement of signature subpackets, as well as structure and meaning of certificates and messages.

  • User ID Conventions: Properly document User ID conventions (using draft-dkg-openpgp-userid-conventions as initial input).

  • Revocation: Clarify and improve revocation semantics and workflows, including replacement of the deprecated Revocation Key mechanism (using draft-dkg-openpgp-revocation as initial input).

  • Message Grammar: Simplify the OpenPGP Message Grammar; e.g., by limiting nesting, or by constraining sequences of packet types.

  • PGP/MIME One-Pass Signatures: Extending RFC3156 to permit one-pass signature verification for v6 signatures.

Working Group Process

All work items will require demonstration of interoperable support by at least two independent implementations before being submitted to the IESG for publication.

The WG chairs will periodically poll the WG for which of the topics above to add as milestones, as participant interest, document editor, review and implementer resources permit. The WG chairs will ensure that the list of active topics is credible at all times, likely resulting in only 3-4 topics being "active" at any given time. Such polls will typically result in the addition of a call-for-adoption for one or two new topics from the list above, depending on resources, and as currently active work is completed. As calls-for-adoption are held, those will also consider the intended-status (PS, informational, BCP) for the documents concerned. Completion will typically mean that a draft has passed working group last call or IETF last call, but, if needed, the chairs will make use of other datatracker IETF document states (e.g., parked WG document) if some document is stalled for technical or personnel reasons, leaving space for tackling another topic.

The set of initial milestones below was selected following discussion on the WG list following the above process, and will be updated periodically as milestones are met.


Date Milestone Associated documents
Jun 2024 Call for adoption of drafts related to WKD and/or HKP to produce a proposed standard RFC
Mar 2024 Call for adoption of drafts related to persistent symmetric keys to produce a proposed standard RFC
Mar 2024 Call for adoption of drafts related to superseded keys to produce a proposed standard RFC
Jan 2024 Call for adoption of drafts related to post quantum cryptography to produce a proposed standard RFC