OpenPGP is a non-proprietary format for authenticating or encrypting data, using public key cryptography.

It is based on the original PGP (Pretty Good Privacy) software.

Beginning in 1997, the OpenPGP Working Group was formed in the Internet Engineering Task Force (IETF) to define this standard that had formerly been a proprietary product since 1991.

Over the past decade, PGP, and later OpenPGP, has become the standard for nearly all of the world’s signed or encrypted email.

OpenPGP also defines a standard format for certificates which, unlike most other certificate formats, enables webs of trust.

OpenPGP formats and uses are specified in many IETF RFCs and drafts1, so these standards can be implemented by any company without paying any licensing fees to anyone.

  1. RFC 3156 MIME Security with OpenPGP, RFC 4880 OpenPGP Message Format (the main one), RFC 5581 The Camellia Cipher in OpenPGP, RFC 6091 Using OpenPGP Keys for Transport Layer Security (TLS) Authentication, RFC 6637 Elliptic Curve Cryptography (ECC) in OpenPGP, and more