2.6.1 An Open Specification for Pretty Good Privacy (openpgp)

NOTE: This charter is a snapshot of the 50th IETF Meeting in Minneapolis, Minnesota. It may now be out-of-date. Last Modified: 14-Mar-01


John Noerenberg <jwn2@qualcomm.com>

Security Area Director(s):

Jeffrey Schiller <jis@mit.edu>
Marcus Leech <mleech@nortelnetworks.com>

Security Area Advisor:

Jeffrey Schiller <jis@mit.edu>

Mailing Lists:

General Discussion:ietf-openpgp@imc.org
To Subscribe: ietf-openpgp-request@imc.org
In Body: Only the word subscribe
Archive: http://www.imc.org/ietf-open-pgp/mail-archive/

Description of Working Group:

PGP, or Pretty Good Privacy, first appeared on the Internet in 1991. It has enjoyed significant popularity amongst the Internet Community.

PGP is used both for protecting E-mail and File Storage. It presents a way to digitally sign and encrypt information "objects." As such it is well suited for any store and forward application.
The goal of the OpenPGP working group is to provide IETF standards for the algorithms and formats of PGP processed objects as well as providing the MIME framework for exchanging them via e-mail or other transport protocols.
Because there is a significant installed base of PGP users, the working group will consider compatibilty issues to avoid disenfranchising the existing community of PGP users.
Security Issues:
The whole purpose of Open-PGP is to provide security services.

Goals and Milestones:



Submit Internet-Draft for PGP Key Format & Message Specification



Submit Internet Draft for MIME encapsulation of PGP Messages Specification



Issue WG Last Call for PGP Key Format & Message Specification Internet-Draft documents



Submit PGP Key Format & Message Specification Internet-Draft to IESG for consideration as a Proposed Standard.

Request For Comments:






OpenPGP Message Format

Current Meeting Report

OpenPGP minutes

We met on Tuesday afternoon, Mar 20th with the following agenda:

- Agenda bashing
- Pgp/MIME
- Openpgp oven cooking competition
- Pgp consortium
- Charter review
- Wg->fin_wait
Rod Thayer took down the minutes. This message is derived from his notes.

There were no changes to the agenda so we proceeded with the remaining items.

The PGP/MIME draft is ready for WG Last Call. The Chair expects the WG will be able to recommend the draft to the IESG within a month. John Noerenberg noticed a normative reference to the multiple signature draft. He recommended removing the reference, but formally adopting multiple signatures as an additional work item.

The Chair is planning to sponsor an interoperability testing meeting in San Diego in late Spring or early Summer. There are notes on the mailing list regarding a general plan for the meeting. The principal goal of the meeting is to assess whether there are sufficiently interoperable implementations of RFC2440 to allow the WG to recommend RFC2440 advance to DRAFT status. The workshop will also provide the opportunity to test PGP/MIME implementations and transport and network protocols which use PGP encryption and authentication.

The Chair announced that Phil Zimmerman is organizing a PGP Consortium for implementers and users. The url for the consortium is http://www.openpgp.org.

Adopting multiple signatures as a work item will require a change to WG charter. The WG members in attendance did not express a strong opinion in either direction. [Because of activity on the mailing list the Chair plans to request the IESG allow modification of the charter to add this item.]

Whether or not this item is added to our charter, we expect the WG to shut down by the next IETF meeting.

That completed the business of the meeting, and we adjourned.


None received.