PGP
From its dedicated Wikipedia article :
Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication. PGP is used for signing, encrypting, and decrypting texts, e-mails, files, directories, and whole disk partitions and to increase the security of e-mail communications. Phil Zimmermann developed PGP in 1991.[1]
PGP and similar software follow the OpenPGP standard (RFC 4880), an open standard for encrypting and decrypting data. Modern versions of PGP are interoperable with GnuPG and other OpenPGP-compliant systems.[2]
The OpenPGP standard has received criticism for its long-lived keys and the difficulty in learning it,[3] as well as the Efail security vulnerability that previously arose when select e-mail programs used OpenPGP with S/MIME.[4][5] The new OpenPGP standard (RFC 9580) has also been criticised by the maintainer of GnuPG Werner Koch, who in response created his own specification LibrePGP.[6] This response was dividing, with some embracing his alternative specification,[7] and others considering it to be insecure.[8]
Sequoia PGP
From its official website and code repository :
Sequoia is a complete implementation of OpenPGP as defined by RFC 9580 as well as the deprecated OpenPGP as defined by RFC 4880, and various related standards.
OpenPGP is a standard by the IETF. It was derived from the PGP software, which was created by Phil Zimmermann in 1991.
Sequoia consists of several crates, providing both a low-level and a high-level API for dealing with OpenPGP data.
Nixpkgs
- 📦︎ sequoia-sq
- 📦︎ sequoia-wot
- 📦︎ sequoia-sqv
- 📦︎ sequoia-sqop
- 📦︎ sequoia-chameleon-gnupg (note: 🚩︎missing dependencies for
gpg-sq)
NixOS
There is no Nixpkgs module for Sequoia PGP yet
Home Manager
There is no home manager module for Sequoia PGP yet
A GitHub issue is opened about its featuring : 🚩︎#8345
Git Integration
Git having hardcoded the GNU Privacy Guard command interface, you will need to use 📦︎ sequoia-chameleon-gnupg (also see the discourse post about this)
To do this using home manager :
{
...
lib,
pkgs,
...
}:
{
...
home = {
...
packages = with pkgs; [
...
sequoia-chameleon-gnupg
gnupg # required until https://github.com/NixOS/nixpkgs/issues/473387 is fixed
...
];
};
programs = {
home-manager.enable = true;
...
git = {
enable = true;
...
signing = {
signByDefault = true;
format = "openpgp";
signer = lib.getExe pkgs.sequoia-chameleon-gnupg;
key = "<REPLACE_THIS_WITH_YOUR_KEY_FINGERPRINT>"; # Replace `<REPLACE_THIS_WITH_YOUR_KEY_FINGERPRINT>` with your key fingerprint
};
...
};
};
...
services = {
...
gpg-agent = { # Dependency of `pkgs.sequoia-chameleon-gnupg`
enable = true;
...
};
...
};
...
}
GNU Privacy Guard
From its dedicated Wikipedia article :
GNU Privacy Guard (GnuPG or GPG) is a free-software replacement for Symantec's cryptographic software suite PGP. The software is compliant with the now obsoleted[9] Template:IETF RFCRFC 4880, the IETF standards-track specification of OpenPGP. Modern versions of PGP are interoperable with GnuPG and other OpenPGP v4-compliant systems.[10]
November 2023 saw two drafts aiming to update the 2007 OpenPGP v4 specification (RFC4880), ultimately resulting in the RFC 9580 standard in July 2024. The proposal from the GnuPG developers, which is called LibrePGP, was not taken up by the OpenPGP Working Group and future versions of GnuPG will not support the current version of OpenPGP.[11]
GnuPG is part of the GNU Project and received major funding from the German government in 1999.[12]
Nixpkgs
NixOS
Other modules have integrations for the GNU Privacy Guard
Home Manager
Other modules have integrations for the GNU Privacy Guard
- ↑ Template:Cite webZimmermann, Philip R. (1999). "Why I Wrote PGP". Essays on PGP. Phil Zimmermann & Associates LLC. Archived from the original on June 24, 2018. Retrieved July 6, 2014.
- ↑ Template:Cite web"Gnu Privacy Guard". GnuPG.org. Archived from the original on April 29, 2015. Retrieved May 26, 2015.
- ↑ Template:Cite webLatacora (July 16, 2019). "The PGP Problem". Retrieved November 22, 2024.
- ↑ Template:Cite web"Efail: Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels" (PDF).
- ↑ Template:Cite webYen, Andy (May 15, 2018). "No, PGP is not broken, not even with the Efail vulnerabilities". Proton. Retrieved January 22, 2025.
- ↑ Template:Cite webEdge, Jake (December 6, 2023). "A schism in the OpenPGP world [LWN.net]". lwn.net. Archived from the original on February 22, 2024. Retrieved February 14, 2024.
- ↑ Template:Cite webTse, Ronald; Olshevsky, Nickolay (July 22, 2024). "RNP proudly supports LibrePGP". RNP. Retrieved January 22, 2025.
- ↑ Template:Cite webGallagher, Andrew (September 11, 2024). "A Summary of Known Security Issues in LibrePGP". Retrieved January 22, 2025.
- ↑ Template:Cite webWouters, Paul; Huigens, Daniel; Winter, Justus; Yutaka, Niibe (July 2024). "RFC 9580 OpenPGP". RFC Editor. IETF. Retrieved 2024-12-19.
- ↑ Template:Cite web"GnuPG Frequently Asked Questions". The GNU Privacy Guard. Archived from the original on 2015-04-29. Retrieved 2015-05-26.
- ↑ Template:Cite webEdge, Jake (December 6, 2023). "A schism in the OpenPGP world". Linux Weekly News. Retrieved 2023-12-09.
- ↑ Template:Cite web"Bundesregierung fördert Open Source" (in German). Heise Online. 1999-11-15. Archived from the original on October 12, 2013. Retrieved July 24, 2013.