OpenPGP Alliance - Click for Home Page  
   
  Home  
  About OpenPGP  
  News & Events  
  Members  
  Technical  
  Resources  
  Contact  

History

OpenPGP is a non-proprietary protocol for encrypting email using public key cryptography. The OpenPGP protocol defines standard formats for encrypted messages, signatures, private keys, and certificates for exchanging public keys. It is based on PGP as originally developed by Phil Zimmermann.

Pretty Good Privacy or PGP was written by Phil Zimmermann in 1991 and introduced to the Internet community as freeware. For that, he was the target of a three-year criminal investigation, because the US government held that US export restrictions for cryptographic software were violated when PGP spread all around the world following its publication as freeware.

Despite the lack of funding, the lack of any paid staff, the lack of a company to stand behind it, and despite government persecution, PGP became the most widely used email encryption software in the world. After the government dropped its case in early 1996, Zimmermann founded PGP Inc. That company and its intellectual property were acquired by Network Associates Inc (NAI) in December 1997. NAI continued to own and develop PGP products for commercial and freeware purposes. In 2002, NAI discontinued development and sales of PGP, and sold the rights to it to a new company, PGP Corporation.

After leaving NAI in January 2001, Zimmermann started the OpenPGP Alliance, and is currently engaged in other projects, some involving OpenPGP implementors, including PGP Corp. For more details, see his web site.

OpenPGP is the open standards version of NAI's PGP encryption protocol. The OpenPGP Working Group is seeking the qualification of OpenPGP as an Internet Standard as defined by the IETF. Each distinct version of an Internet standards-related specification is published as part of the "Request for Comments" (RFC) document series. OpenPGP is RFC2440. OpenPGP has now reached the second stage in the IETF's four-step standards process, and is currently seeking draft standard status. IETF rules call for a wait of at least six months before a proposed standard becomes a draft, during which it can be demonstrated that there are a number of implementations running and that they are interoperable.

Home | About OpenPGP | News & Events | Members | Technical | Resources | Contact  
  OpenPGP Alliance - Click for Home Page