Session Date/Time: 25 Jul 2025 09:30
OpenPGP
Summary
This OpenPGP session at the IETF covered several working group documents and presentations on draft specifications. Key discussions revolved around post-quantum cryptography (PQC), replacement keys, persistent symmetric keys, a proposal for post-quantum crypto with NIST and Brainpool curves, HKP updates, and forwarding key issues. The session included calls for reviews, discussions on adoption, and future work items.
Key Discussion Points
- Post-Quantum Cryptography (PQC): Publication has been requested for the PQC draft. Interoperability testing revealed some gaps, particularly with v4 keys and support for non-required post-quantum suites.
- Replacement Key Draft: This draft is considered stable, but a clear way to test interoperability is lacking. Volunteers were solicited for reviews and implementations.
- Persistent Symmetric Keys Draft: Testing this draft is problematic due to how secret keys are handled in SOP. Further discussion is needed regarding the architecture.
- Post-Quantum Crypto with NIST Brainpool: A proposal was presented for hybrid post-quantum crypto using NIST and Brainpool curves. The primary motivation is to support existing implementations using these curves. The need and motivations for different NIST curves were debated.
- HKP Update: A proposal to update HKP to support multiple certificates per identity and to address spam issues. The presentation covered a new versioned submission API, pre-authenticated email verification, and canonical certificate ordering. There were discussions on complexity and the use of binary keys vs. legacy functionality.
- Forwarding Key Issues: Discussion of the current state of forwarding and the need for changes to support new algorithms such as X25519 and X448. A new packet, FKESK, was proposed.
- Media Types: Discussion regarding the existing media types for PGP and the need for new types to represent binary formats. There was no clear solution at this point.
Decisions and Action Items
- PQC: The chairs will nudge the rest of the process for PQC.
- Replacement Key Draft: Daniel and Aaron volunteered to review the draft. The working group will take it to the mailing list to decide when to initiate a working group last call.
- Persistent Symmetric Keys Draft: The chairs will poke people to do reviews of this draft. Discussion will be encouraged on the mailing list.
- Post-Quantum Crypto with NIST Brainpool: The authors will work to clarify the motivations for NIST curves in the draft. An adoption call will be initiated on the mailing list after clarification. Marked as a candidate for working group adoption in the data tracker.
- HKP Update: Andrew will produce a new draft reflecting recent discussions and decisions.
- Media Types: Andrew will discuss this further with Alexi and may come back with a proposal at some point.
- Interoperability Testing: The working group needs to determine how to test interoperability for the replacement key draft and the persistent symmetric key draft.
Next Steps
- The working group will discuss what to do next after PQC is further along in the publication process, reviewing previously prioritized items.
- Daniel to weigh in with concerns on list about options for persistence metrics.