OpenPGP Message Format
Network Associates, Inc.
3965 Freedom Circle
Santa Clara
CA 95054
USA
+1 408-346-5860
jon@pgp.com
IKS GmbH
Wildenbruchstr. 15
07745 Jena
Germany
+49-3641-675642
lutz@iks-jena.de
Network Associates, Inc.
3965 Freedom Circle
Santa Clara
CA 95054
USA
hal@pgp.com
EIS Corporation
Clearwater
FL 33767
USA
rodney@unitran.com
Security
pretty good privacy
PGP
security
This document defines many tag values, yet it doesn't describe a
mechanism for adding new tags (for new features). Traditionally the
Internet Assigned Numbers Authority (IANA) handles the allocation of
new values for future expansion and RFCs usually define the procedure
to be used by the IANA. However, there are subtle (and not so
subtle) interactions that may occur in this protocol between new
features and existing features which result in a significant
reduction in over all security. Therefore, this document does not
define an extension procedure. Instead requests to define new tag
values (say for new encryption algorithms for example) should be
forwarded to the IESG Security Area Directors for consideration or
forwarding to the appropriate IETF Working Group for consideration.
This document is maintained in order to publish all necessary
information needed to develop interoperable applications based on the
OpenPGP format. It is not a step-by-step cookbook for writing an
application. It describes only the format and methods needed to read,
check, generate, and write conforming packets crossing any network.
It does not deal with storage and implementation questions. It does,
however, discuss implementation issues necessary to avoid security
flaws.
Open-PGP software uses a combination of strong public-key and
symmetric cryptography to provide security services for electronic
communications and data storage. These services include
confidentiality, key management, authentication, and digital
signatures. This document specifies the message formats used in
OpenPGP.
This document defines many tag values, yet it doesn't describe a
mechanism for adding new tags (for new features). Traditionally the
Internet Assigned Numbers Authority (IANA) handles the allocation of
new values for future expansion and RFCs usually define the procedure
to be used by the IANA. However, there are subtle (and not so
subtle) interactions that may occur in this protocol between new
features and existing features which result in a significant
reduction in over all security. Therefore, this document does not
define an extension procedure. Instead requests to define new tag
values (say for new encryption algorithms for example) should be
forwarded to the IESG Security Area Directors for consideration or
forwarding to the appropriate IETF Working Group for consideration.