[openpgp] WG Action: Rechartered Open Specification for Pretty Good Privacy (openpgp)

The IESG <iesg-secretary@ietf.org> Fri, 15 December 2023 20:50 UTC

Return-Path: <iesg-secretary@ietf.org>
X-Original-To: openpgp@ietf.org
Delivered-To: openpgp@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id AFCC4C14F5F6; Fri, 15 Dec 2023 12:50:52 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 12.0.1
Auto-Submitted: auto-generated
Precedence: bulk
Cc: The IESG <iesg@ietf.org>, openpgp-chairs@ietf.org, openpgp@ietf.org
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Message-ID: <170267345271.31825.16906555698138132277@ietfa.amsl.com>
Date: Fri, 15 Dec 2023 12:50:52 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/yUKdItfnk1qlY102sKxXEFDTn5Q>
Subject: [openpgp] WG Action: Rechartered Open Specification for Pretty Good Privacy (openpgp)
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.39
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 15 Dec 2023 20:50:52 -0000

The Open Specification for Pretty Good Privacy (openpgp) WG in the Security
Area of the IETF has been rechartered. For additional information, please
contact the Area Directors or the WG Chairs.

Open Specification for Pretty Good Privacy (openpgp)
Current status: Active WG

  Stephen Farrell <stephen.farrell@cs.tcd.ie>
  Daniel Gillmor <dkg@fifthhorseman.net>

Assigned Area Director:
  Roman Danyliw <rdd@cert.org>

Security Area Directors:
  Roman Danyliw <rdd@cert.org>
  Paul Wouters <paul.wouters@aiven.io>

Mailing list:
  Address: openpgp@ietf.org
  To subscribe: https://www.ietf.org/mailman/listinfo/openpgp
  Archive: https://mailarchive.ietf.org/arch/browse/openpgp/

Group page: https://datatracker.ietf.org/group/openpgp/

Charter: https://datatracker.ietf.org/doc/charter-ietf-openpgp/

OpenPGP standardized mechanisms for object encryption, object signing, and
identity certification.

The working group is chartered to work on improvements and additions to the
OpenPGP format and ecosystem to address certain issues that have been
identified by the community, as set out in the list of in-scope topics below.
Due to the WG having been dormant for a number of years, there is somewhat of
a backlog of topics, and as addressing all of these topics at once seems
difficult, the WG will follow the process defined below to prioritize current
lists of milestones, selected from this long list of in-scope topics.

# In-scope Topics

The working group will produce a number of specifications that are adjacent
to the OpenPGP specification and provide guidance to OpenPGP libraries and/or
applications. These improvements may include:

## Security improvements

- **Post-Quantum Cryptography (PQC)**: The addition and facilitation of
post-quantum algorithms for encryption and signing (using
draft-wussler-openpgp-pqc) as initial input).

- **Forward secrecy**: enable encrypted OpenPGP communication that cannot be
decrypted when long-term keys are compromised.

- **Context binding**: facilitate [domain separation for signing and/or

## New functionality

- **Automatic Forwarding**: using proxy re-encryption (using
draft-wussler-openpgp-forwarding) as initial input).

- **Persistent Symmetric Keys**: for long-term storage of symmetric key
material, symmetrically encrypted messages, and symmetric attestations (using
draft-huigens-openpgp-persistent-symmetric-keys as initial input).

- **First-Party Approval of Third-Party Certifications (1PA3PC)**: to
mitigate certificate flooding attacks (using draft-dkg-openpgp-1pa3pc as
initial input).

- **Superseded Keys**: to facilitate [transition to new keys without revoking
the old ones](https://gitlab.com/openpgp-wg/rfc4880bis/-/merge_requests/222).

- **Stateless OpenPGP Interface (SOP)**: using
draft-dkg-openpgp-stateless-cli as initial input.

- **PGP/MIME Separate Encrypted Parts**: Extending RFC3156 to describe
[messages composed of multiple encrypted

- **cert-d**: A common certificate storage mechanism (using
draft-nwjw-openpgp-cert-d as initial input).

## Network-based Key Discovery Mechanisms

- **HTTP Keyserver Protocol (HKP)**: using draft-gallagher-openpgp-hkp as
initial input.

- **Web Key Directory (WKD)**: using draft-koch-openpgp-webkey-service as
initial input.

## Key Verification Mechanisms

- **Web-of-Trust (WoT)**: Specifying semantics for the WoT calculus (using
[the OpenPGP Web of Trust draft](https://sequoia-pgp.gitlab.io/sequoia-wot/)
as initial input).

- **Key Transparency**: in collaboration with the [Key Transparency Working
Group](https://datatracker.ietf.org/wg/keytrans/about/), e.g., integrating
its outputs.

- **Key Verification**: Improved manual key verification, for example using a
QR code.

## Miscellaneous Cleanup Work

- **Semantics**: Define semantics of mechanisms provided by OpenPGP.
  This includes, but is not limited to, defining validity of signatures,
  acceptance and placement of signature subpackets, as well as structure and
  meaning of certificates and messages.

- **User ID Conventions**: Properly document User ID conventions (using
draft-dkg-openpgp-userid-conventions as initial input).

- **Revocation**: Clarify and improve revocation semantics and workflows,
including replacement of the deprecated Revocation Key mechanism (using
draft-dkg-openpgp-revocation as initial input).

- **Message Grammar**:
the OpenPGP Message Grammar; e.g., by limiting nesting, or by constraining
sequences of packet types.

- **PGP/MIME One-Pass Signatures**: Extending RFC3156 to permit [one-pass
signature verification for v6

# Working Group Process

All work items will require demonstration of interoperable support by at
least two independent implementations before being submitted to the IESG for

The WG chairs will periodically poll the WG for which of the topics above to
add as milestones, as participant interest, document editor, review and
implementer resources permit. The WG chairs will ensure that the list of
active topics is credible at all times, likely resulting in only 3-4 topics
being "active" at any given time. Such polls will typically result in the
addition of a call-for-adoption for one or two new topics from the list
above, depending on resources, and as currently active work is completed. As
calls-for-adoption are held, those will also consider the intended-status
(PS, informational, BCP) for the documents concerned. Completion will
typically mean that a draft has passed working group last call or IETF last
call, but, if needed, the chairs will make use of other datatracker IETF
document states (e.g., parked WG document) if some document is stalled for
technical or personnel reasons, leaving space for tackling another topic.

The set of initial milestones below was selected following discussion on the
WG list following the above process, and will be updated periodically as
milestones are met.


  Jan 2024 - Call for adoption of drafts related to post quantum cryptography
  to produce a proposed standard RFC

  Mar 2024 - Call for adoption of drafts related to superseded keys to
  produce a proposed standard RFC

  Mar 2024 - Call for adoption of drafts related to persistent symmetric keys
  to produce a proposed standard RFC

  Jun 2024 - Call for adoption of drafts related to WKD and/or HKP to produce
  a proposed standard RFC