This registry is also available in XML and plain text formats.
Registries included below
| ID | S2K Type | Reference |
|---|---|---|
| 0 | Simple S2K | [RFC4880] |
| 1 | Salted S2K | [RFC4880] |
| 2 | Reserved value | [RFC4880] |
| 3 | Iterated and Salted S2K | [RFC4880] |
| 4-99 | Unassigned | [RFC4880] |
| 100-110 | Private/Experimental S2K | [RFC4880] |
| 111-255 | Unassigned | [RFC4880] |
| Value | Attribute | Reference |
|---|---|---|
| 0 | Reserved - a packet tag MUST NOT have this value | [RFC4880] |
| 1 | Public-Key Encrypted Session Key Packet | [RFC4880] |
| 2 | Signature Packet | [RFC4880] |
| 3 | Symmetric-Key Encrypted Session Key Packet | [RFC4880] |
| 4 | One-Pass Signature Packet | [RFC4880] |
| 5 | Secret Key Packet | [RFC4880] |
| 6 | Public Key Packet | [RFC4880] |
| 7 | Secret Subkey Packet | [RFC4880] |
| 8 | Compressed Data Packet | [RFC4880] |
| 9 | Symmetrically Encrypted Data Packet | [RFC4880] |
| 10 | Marker Packet | [RFC4880] |
| 11 | Literal Data Packet | [RFC4880] |
| 12 | Trust Packet | [RFC4880] |
| 13 | User ID Packet | [RFC4880] |
| 14 | Public Subkey Packet | [RFC4880] |
| 15-16 | Unknown | |
| 17 | User Attribute Packet | [RFC4880] |
| 18 | Sym. Encrypted and Integrity Protected Data Packet | [RFC4880] |
| 19 | Modification Detection Code Packet | [RFC4880] |
| 20-59 | Unassigned | [RFC4880] |
| 60-63 | Private or Experimental Values | [RFC4880] |
| Value | Attribute | Reference |
|---|---|---|
| 0 | Reserved | [RFC4880] |
| 1 | image | [RFC4880] |
| 2-99 | Unassigned | [RFC4880] |
| 100-110 | Experimental or private use | [RFC4880] |
| 111-255 | Unassigned | [RFC4880] |
| Value | Attribute | Reference |
|---|---|---|
| 0 | Reserved | [RFC4880] |
| 1 | JPEG | [RFC4880] |
| 2-99 | Unassigned | [RFC4880] |
| 100-110 | Experimental or private use | [RFC4880] |
| 111-255 | Unassigned | [RFC4880] |
| Value | Attribute | Reference |
|---|---|---|
| 0 | Reserved | |
| 1 | Reserved | |
| 2 | signature creation time | [RFC4880] |
| 3 | signature expiration time | [RFC4880] |
| 4 | exportable certification | [RFC4880] |
| 5 | trust signature | [RFC4880] |
| 6 | regular expression | [RFC4880] |
| 7 | revocable | [RFC4880] |
| 8 | Reserved | |
| 9 | key expiration time | [RFC4880] |
| 10 | placeholder for backward compatibility | [RFC4880] |
| 11 | preferred symmetric algorithms | [RFC4880] |
| 12 | revocation key | [RFC4880] |
| 13-15 | Reserved | |
| 16 | issuer key ID | [RFC4880] |
| 17-19 | Reserved | |
| 20 | notation data | [RFC4880] |
| 21 | preferred hash algorithms | [RFC4880] |
| 22 | preferred compression algorithms | [RFC4880] |
| 23 | key server preferences | [RFC4880] |
| 24 | preferred key server | [RFC4880] |
| 25 | primary User ID | [RFC4880] |
| 26 | policy URI | [RFC4880] |
| 27 | key flags | [RFC4880] |
| 28 | signer's User ID | [RFC4880] |
| 29 | reason for revocation | [RFC4880] |
| 30 | features | [RFC4880] |
| 31 | signature target | [RFC4880] |
| 32 | embedded signature | [RFC4880] |
| 33-99 | Unassigned | |
| 100-110 | Private or experimental | [RFC4880] |
| 111-127 | Unassigned | [RFC4880] |
Notation names are arbitrary strings encoded in UTF-8. They reside two name spaces: The IETF name space and the user name space. The IETF name space is registered with IANA. These names MUST NOT contain the "@" character (0x40). This is a tag for the user name space.
| Registry is empty. |
This is a variable length bit field.
| First octet | Extension | Reference |
|---|---|---|
| 0x00-0x07 | Unassigned | [RFC4880] |
| 0x80 | No-modify | [RFC4880] |
| Value | Flag | Reference |
|---|---|---|
| 0 | No reason specified (key revocations or cert revocations) | [RFC4880] |
| 1 | Key is superseded (key revocations) | [RFC4880] |
| 2 | Key material has been compromised (key revocations) | [RFC4880] |
| 3 | Key is retired and no longer used (key revocations) | [RFC4880] |
| 4-31 | Unassigned | |
| 32 | User ID information is no longer valid (cert revocations) | [RFC4880] |
| 33-99 | Unassigned | |
| 100-110 | Private Use | |
| 111-255 | Unassigned |
| First octet | Feature | Reference |
|---|---|---|
| 0x01 | Modification Detection (packets 18 and 19) | [RFC4880] |
| 0x02-0x80 | Unassigned | [RFC4880] |
| Registry is empty. |
The flags in this packet may appear in self-signatures or in certification signatures. They mean different things depending on who is making the statement -- for example, a certification signature that has the "sign data" flag is stating that the certification is for that use. On the other hand, the "communications encryption" flag in a self-signature is stating a preference that a given key be used for communications. Note however, that it is a thorny issue to determine what is "communications" and what is "storage." This decision is left wholly up to the implementation; the authors of this document do not claim any special wisdom on the issue, and realize that accepted opinion may change. The "split key" (0x10) and "group key" (0x80) flags are placed on a self-signature only; they are meaningless on a certification signature. They SHOULD be placed only on a direct-key signature (type 0x1f) or a subkey signature (type 0x18), one that refers to the key the flag applies to.
| First octet | Extension | Reference |
|---|---|---|
| 0x01 | This key may be used to certify other keys. | [RFC4880] |
| 0x02 | This key may be used to sign data. | [RFC4880] |
| 0x04 | This key may be used to encrypt communications. | [RFC4880] |
| 0x08 | This key may be used to encrypt storage. | [RFC4880] |
| 0x10 | The private component of this key may have been split by a secret-sharing mechanism. | [RFC4880] |
| 0x20 | This key may be used for authentication. | [RFC4880] |
| 0x80 | The private component of this key may be in the possession of more than one person. | [RFC4880] |
| ID | Algorithm | Reference |
|---|---|---|
| 0 | Reserved | |
| 1 | RSA (Encrypt or Sign) | [Alfred Menezes, Paul van Oorschot, and Scott Vanstone, "Handbook of Applied Cryptography," CRC Press, 1996.] |
| 2 | RSA Encrypt-Only | |
| 3 | RSA Sign-Only | |
| 4-15 | Unassigned | [RFC4880] |
| 16 | Elgamal (Encrypt-Only) | [T. Elgamal, "A Public-Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms," IEEE Transactions on Information Theory, v. IT-31, n. 4, 1985, pp. 469-472.][Alfred Menezes, Paul van Oorschot, and Scott Vanstone, "Handbook of Applied Cryptography," CRC Press, 1996.] |
| 17 | DSA (Digital Signature Algorithm) | [Digital Signature Standard (DSS) (FIPS PUB 186-2).][FIPS 186-3 describes keys greater than 1024 bits.][Alfred Menezes, Paul van Oorschot, and Scott Vanstone, "Handbook of Applied Cryptography," CRC Press, 1996.] |
| 18 | Reserved for Elliptic Curve | |
| 19 | Reserved for ECDSA | |
| 20 | Reserved (formerly Elgamal Encrypt or Sign) | |
| 21 | Reserved for Diffie-Hellman (X9.42, as defined for IETF-S/MIME) | |
| 22-99 | Unassigned | |
| 100-110 | Private/Experimental algorithm | |
| 111-255 | Unassigned |
| ID | Algorithm | Reference |
|---|---|---|
| 0 | Plaintext or unencrypted data | [RFC4880] |
| 1 | IDEA | [Lai, X., "On the design and security of block ciphers", ETH Series in Information Processing, J.L. Massey (editor), Vol. 1, Hartung-Gorre Verlag Knostanz, Technische Hochschule (Zurich), 1992] |
| 2 | TripleDES (DES-EDE, [SCHNEIER] [HAC] 168 bit key derived from 192) | |
| 3 | CAST5 (128 bit key, as per RFC 2144) | |
| 4 | Blowfish (128 bit key, 16 rounds) | [Schneier, B. "Description of a New Variable-Length Key, 64-Bit Block Cipher (Blowfish)" Fast Software Encryption, Cambridge Security Workshop Proceedings (December 1993), Springer-Verlag, 1994, pp191-204] |
| 5 | Reserved | |
| 6 | Reserved | |
| 7 | AES with 128-bit key | [http://csrc.nist.gov/encryption/aes/round2/aesfact.html][http://csrc.nist.gov/encryption/aes/round2/r2algs.html#Rijndael][Advanced Encryption Standards Questions and Answers] |
| 8 | AES with 192-bit key | [http://csrc.nist.gov/encryption/aes/round2/aesfact.html][http://csrc.nist.gov/encryption/aes/round2/r2algs.html#Rijndael][Advanced Encryption Standards Questions and Answers] |
| 9 | AES with 256-bit key | [http://csrc.nist.gov/encryption/aes/round2/aesfact.html][http://csrc.nist.gov/encryption/aes/round2/r2algs.html#Rijndael][Advanced Encryption Standards Questions and Answers] |
| 10 | Twofish with 256-bit key | [B. Schneier, J. Kelsey, D. Whiting, D. Wagner, C. Hall, and N. Ferguson, "The Twofish Encryption Algorithm", John Wiley & Sons, 1999.] |
| 11 | Camellia with 128 bit key | [RFC5581] |
| 12 | Camellia with 192 bit key | [RFC5581] |
| 13 | Camellia with 256 bit key | [RFC5581] |
| 14-99 | Unassigned | |
| 100-110 | Private/Experimental algorithm | [RFC4880] |
| 111-255 | Unassigned |
| ID | Algorithm | Text Name | Reference |
|---|---|---|---|
| 1 | MD5 (deprecated) | "MD5" | [Alfred Menezes, Paul van Oorschot, and Scott Vanstone, "Handbook of Applied Cryptography," CRC Press, 1996.][RFC1321] |
| 2 | SHA-1 | "SHA1" | [[FIPS180]] |
| 3 | RIPE-MD/160 | "RIPEMD160" | [Alfred Menezes, Paul van Oorschot, and Scott Vanstone, "Handbook of Applied Cryptography," CRC Press, 1996.] |
| 4-7 | Reserved | [RFC4880] | |
| 8 | SHA256 | "SHA256" | [[FIPS180]] |
| 9 | SHA384 | "SHA384" | [[FIPS180]] |
| 10 | SHA512 | "SHA512" | [[FIPS180]] |
| 11 | SHA224 | "SHA224" | [[FIPS180]] |
| 12-99 | Unassigned | [RFC4880] | |
| 100-110 | Private/Experimental algorithm | ||
| 111-255 | Unassigned | [RFC4880] |
| ID | Algorithm | Reference |
|---|---|---|
| 0 | Uncompressed | [RFC4880] |
| 1 | ZIP | [RFC1951] |
| 2 | ZLIB | [RFC1950] |
| 3 | BZip2 | [J. Seward, jseward&acm.org, "The Bzip2 and libbzip2 home page"] |
| 4-99 | Unassigned | [RFC4880] |
| 100-110 | Private/Experimental algorithm | [RFC4880] |
| 111-255 | Unassigned | [RFC4880] |