OpenPGP

Created: 2024-01-19
Last Updated: 2024-01-26
Available Formats: XML
HTML
Plain text

Registries included below

OpenPGP String-to-Key (S2K) Types
OpenPGP Packet Types
OpenPGP User Attribute Subpacket Types
OpenPGP Image Attribute Encoding Format
OpenPGP Signature Subpacket Types
OpenPGP Key Server Preference Flags
OpenPGP Reason for Revocation Code
OpenPGP Features Flags
OpenPGP New Packet Versions (OBSOLETE)
OpenPGP Key Flags
OpenPGP Public Key Algorithms
OpenPGP Symmetric Key Algorithms
OpenPGP Hash Algorithms
OpenPGP Compression Algorithms
OpenPGP Secret Key Encryption (S2K Usage Octet)
OpenPGP Signature Types
OpenPGP Signature Notation Data Subpacket Notation Flags
OpenPGP Signature Notation Data Subpacket Types
OpenPGP Key ID and Fingerprint
OpenPGP Image Attribute Version
OpenPGP Armor Header Line
OpenPGP Armor Header Key
OpenPGP ECC Curve OID and Usage
OpenPGP ECC Curve-specific Wire Formats
OpenPGP Hash Algorithm Identifiers for RSA Signatures Use of EMSA-PKCS1-v1_5 Padding
OpenPGP AEAD Algorithms
OpenPGP Encrypted Message Packet Versions
OpenPGP Key and Signature Versions
OpenPGP Elliptic Curve Point Wire Formats
OpenPGP Elliptic Curve Scalar Encodings
OpenPGP ECDH KDF and KEK Parameters

OpenPGP String-to-Key (S2K) Types

Registration Procedure(s)

Specification Required

Expert(s)

Unassigned

Reference

[RFC-ietf-openpgp-crypto-refresh-13]

Available Formats

CSV

ID	S2K Type	S2K Field Size (Octets)	Generate?	Reference
0	Simple S2K	2	No	[RFC-ietf-openpgp-crypto-refresh-13, Section 3.7.1.1]
1	Salted S2K	10	Only when string is high entropy	[RFC-ietf-openpgp-crypto-refresh-13, Section 3.7.1.2]
2	Reserved value		No	[RFC-ietf-openpgp-crypto-refresh-13]
3	Iterated and Salted S2K	11	Yes	[RFC-ietf-openpgp-crypto-refresh-13, Section 3.7.1.3]
4	Argon2	20	Yes	[RFC-ietf-openpgp-crypto-refresh-13, Section 3.7.1.4]
5-99	Unassigned
100-110	Private/Experimental S2K		As appropriate	[RFC-ietf-openpgp-crypto-refresh-13]
111-255	Unassigned

OpenPGP Packet Types

Registration Procedure(s)

RFC Required

Reference

[RFC-ietf-openpgp-crypto-refresh-13]

Available Formats

CSV

ID	Critical	Packet Type Description	Shorthand	Reference
0	Yes	Reserved - a packet tag MUST NOT have this packet type ID		[RFC-ietf-openpgp-crypto-refresh-13]
1	Yes	Public-Key Encrypted Session Key Packet	PKESK	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.1]
2	Yes	Signature Packet	SIG	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2]
3	Yes	Symmetric-Key Encrypted Session Key Packet	SKESK	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.3]
4	Yes	One-Pass Signature Packet	OPS	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.4]
5	Yes	Secret-Key Packet	SECKEY	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.5.1.3]
6	Yes	Public-Key Packet	PUBKEY	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.5.1.1]
7	Yes	Secret-Subkey Packet	SECSUBKEY	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.5.1.4]
8	Yes	Compressed Data Packet	COMP	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.6]
9	Yes	Symmetrically Encrypted Data Packet	SED	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.7]
10	Yes	Marker Packet	MARKER	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.8]
11	Yes	Literal Data Packet	LIT	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.9]
12	Yes	Trust Packet	TRUST	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.10]
13	Yes	User ID Packet	UID	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.11]
14	Yes	Public-Subkey Packet	PUBSUBKEY	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.5.1.2]
15-16		Unassigned
17	Yes	User Attribute Packet	UAT	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.12]
18	Yes	Symmetrically Encrypted and Integrity Protected Data Packet	SEIPD	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.13]
19	Yes	Reserved (formerly Modification Detection Code Packet)		[RFC-ietf-openpgp-crypto-refresh-13, Section 5.13.1]
20	Yes	Reserved		[RFC-ietf-openpgp-crypto-refresh-13]
21	Yes	Padding Packet	PADDING	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.14]
22-39	Yes	Unassigned Critical Packet
40-59	No	Unassigned Non-Critical Packet
60-63	No	Private or Experimental Values		[RFC-ietf-openpgp-crypto-refresh-13]

OpenPGP User Attribute Subpacket Types

Registration Procedure(s)

Specification Required

Expert(s)

Unassigned

Reference

[RFC-ietf-openpgp-crypto-refresh-13]

Available Formats

CSV

ID	Attribute Subpacket	Reference
0	Reserved	[RFC-ietf-openpgp-crypto-refresh-13]
1	Image Attribute Subpacket	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.12.1]
2-99	Unassigned
100-110	Private/Experimental Use	[RFC-ietf-openpgp-crypto-refresh-13]
111-255	Unassigned

OpenPGP Image Attribute Encoding Format

Registration Procedure(s)

Specification Required

Expert(s)

Unassigned

Reference

[RFC-ietf-openpgp-crypto-refresh-13]

Available Formats

CSV

ID	Encoding	Reference
0	Reserved	[RFC-ietf-openpgp-crypto-refresh-13]
1	JPEG	[JPEG File Interchange Format]
2-99	Unassigned
100-110	Experimental or Private Use	[RFC-ietf-openpgp-crypto-refresh-13]
111-255	Unassigned

OpenPGP Signature Subpacket Types

Registration Procedure(s)

Specification Required

Expert(s)

Unassigned

Reference

[RFC-ietf-openpgp-crypto-refresh-13]

Available Formats

CSV

ID	Description	Reference
0	Reserved	[RFC-ietf-openpgp-crypto-refresh-13]
1	Reserved	[RFC-ietf-openpgp-crypto-refresh-13]
2	Signature Creation Time	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.11]
3	Signature Expiration Time	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.18]
4	Exportable Certification	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.19]
5	Trust Signature	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.21]
6	Regular Expression	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.22]
7	Revocable	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.20]
8	Reserved	[RFC-ietf-openpgp-crypto-refresh-13]
9	Key Expiration Time	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.13]
10	Placeholder for backward compatibility	[RFC-ietf-openpgp-crypto-refresh-13]
11	Preferred Symmetric Ciphers for v1 SEIPD	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.14]
12	Revocation Key (deprecated)	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.23]
13-15	Reserved	[RFC-ietf-openpgp-crypto-refresh-13]
16	Issuer Key ID	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.12]
17-19	Reserved	[RFC-ietf-openpgp-crypto-refresh-13]
20	Notation Data	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.24]
21	Preferred Hash Algorithms	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.16]
22	Preferred Compression Algorithms	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.17]
23	Key Server Preferences	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.25]
24	Preferred Key Server	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.26]
25	Primary User ID	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.27]
26	Policy URI	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.28]
27	Key Flags	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.29]
28	Signer's User ID	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.30]
29	Reason for Revocation	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.31]
30	Features	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.32]
31	Signature Target	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.33]
32	Embedded Signature	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.34]
33	Issuer Fingerprint	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.35]
34	Reserved	[RFC-ietf-openpgp-crypto-refresh-13]
35	Intended Recipient Fingerprint	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.36]
37	Reserved (Attested Certifications)	[RFC-ietf-openpgp-crypto-refresh-13]
38	Reserved (Key Block)	[RFC-ietf-openpgp-crypto-refresh-13]
39	Preferred AEAD Ciphersuites	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.15]
40-99	Unassigned
100-110	Private or experimental	[RFC-ietf-openpgp-crypto-refresh-13]
111-127	Unassigned

OpenPGP Key Server Preference Flags

Registration Procedure(s)

Specification Required

Expert(s)

Unassigned

Reference

[RFC-ietf-openpgp-crypto-refresh-13]

Note

This is a variable length bit field.

Available Formats

CSV

Flag	Shorthand	Definition	Reference
0x80...	No-modify	The keyholder requests that this key only be modified or updated by the keyholder or an administrator of the key server.	[RFC-ietf-openpgp-crypto-refresh-13]

OpenPGP Reason for Revocation Code

Registration Procedure(s)

Specification Required

Expert(s)

Unassigned

Reference

[RFC-ietf-openpgp-crypto-refresh-13]

Available Formats

CSV

Code	Reason	Reference
0	No reason specified (key revocations or cert revocations)	[RFC-ietf-openpgp-crypto-refresh-13]
1	Key is superseded (key revocations)	[RFC-ietf-openpgp-crypto-refresh-13]
2	Key material has been compromised (key revocations)	[RFC-ietf-openpgp-crypto-refresh-13]
3	Key is retired and no longer used (key revocations)	[RFC-ietf-openpgp-crypto-refresh-13]
4-31	Unassigned
32	User ID information is no longer valid (cert revocations)	[RFC-ietf-openpgp-crypto-refresh-13]
33-99	Unassigned
100-110	Private Use	[RFC-ietf-openpgp-crypto-refresh-13]

OpenPGP Features Flags

Registration Procedure(s)

Specification Required

Expert(s)

Unassigned

Reference

[RFC-ietf-openpgp-crypto-refresh-13]

Note

This is a variable length bit field.

Available Formats

CSV

Feature	Definition	Reference
0x01...	Symmetrically Encrypted Integrity Protected Data packet version 1	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.13.1]
0x02...	Reserved	[RFC-ietf-openpgp-crypto-refresh-13]
0x04...	Reserved	[RFC-ietf-openpgp-crypto-refresh-13]
0x08...	Symmetrically Encrypted Integrity Protected Data packet version 2	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.13.2]

OpenPGP New Packet Versions (OBSOLETE)

Registration Procedure(s)

Registry closed

Reference

[RFC-ietf-openpgp-crypto-refresh-13]

Note

Those wishing to use the removed "New Packet Versions" registry 
should instead register new versions of the relevant packets in the 
"OpenPGP Key and Signature Versions", "OpenPGP Key ID and 
Fingerprint" and "OpenPGP Encrypted Message Packet Versions" 
registries.

No registrations at this time.

OpenPGP Key Flags

Registration Procedure(s)

Specification Required

Expert(s)

Unassigned

Reference

[RFC-ietf-openpgp-crypto-refresh-13]

Note

This is a variable length bit field.

Available Formats

CSV

Flag	Definition	Reference
0x01...	This key may be used to make User ID certifications (signature type IDs 0x10-0x13) or direct key signatures (signature type ID 0x1F) over other keys.	[RFC-ietf-openpgp-crypto-refresh-13]
0x02...	This key may be used to sign data.	[RFC-ietf-openpgp-crypto-refresh-13]
0x04...	This key may be used to encrypt communications.	[RFC-ietf-openpgp-crypto-refresh-13]
0x08...	This key may be used to encrypt storage.	[RFC-ietf-openpgp-crypto-refresh-13]
0x10...	The private component of this key may have been split by a secret-sharing mechanism.	[RFC-ietf-openpgp-crypto-refresh-13]
0x20...	This key may be used for authentication.	[RFC-ietf-openpgp-crypto-refresh-13]
0x80...	The private component of this key may be in the possession of more than one person.	[RFC-ietf-openpgp-crypto-refresh-13]
0x0004...	Reserved (ADSK)	[RFC-ietf-openpgp-crypto-refresh-13]
0x0008...	Reserved (timestamping)	[RFC-ietf-openpgp-crypto-refresh-13]

OpenPGP Public Key Algorithms

Registration Procedure(s)

Specification Required

Expert(s)

Unassigned

Reference

[RFC-ietf-openpgp-crypto-refresh-13]

Available Formats

CSV

ID	Algorithm	Public Key Format	Secret Key Format	Signature Format	PKESK Format	Reference
0	Reserved					[RFC-ietf-openpgp-crypto-refresh-13]
1	RSA (Encrypt or Sign) [FIPS186]	MPI(n), MPI(e) [RFC-ietf-openpgp-crypto-refresh-13, Section 5.5.5.1]	MPI(d), MPI(p), MPI(q), MPI(u)	MPI(m**d mod n) [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.1]	MPI(m**e mod n) [RFC-ietf-openpgp-crypto-refresh-13, Section 5.1.3]	[RFC-ietf-openpgp-crypto-refresh-13]
2	RSA Encrypt-Only [FIPS186]	MPI(n), MPI(e) [RFC-ietf-openpgp-crypto-refresh-13, Section 5.5.5.1]	MPI(d), MPI(p), MPI(q), MPI(u)	N/A	MPI(m**e mod n) [RFC-ietf-openpgp-crypto-refresh-13, Section 5.1.3]	[RFC-ietf-openpgp-crypto-refresh-13]
3	RSA Sign-Only [FIPS186]	MPI(n), MPI(e) [RFC-ietf-openpgp-crypto-refresh-13, Section 5.5.5.1]	MPI(d), MPI(p), MPI(q), MPI(u)	MPI(m**d mod n) [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.1]	N/A	[RFC-ietf-openpgp-crypto-refresh-13]
4-15	Unassigned
16	Elgamal (Encrypt-Only) [ELGAMAL]	MPI(p), MPI(g), MPI(y) [RFC-ietf-openpgp-crypto-refresh-13, Section 5.5.5.3]	MPI(x)	N/A	MPI(g*k mod p), MPI (m y**k mod p) [RFC-ietf-openpgp-crypto-refresh-13, Section 5.1.4]	[RFC-ietf-openpgp-crypto-refresh-13]
17	DSA (Digital Signature Algorithm) [FIPS186]	MPI(p), MPI(q), MPI(g), MPI(y) [RFC-ietf-openpgp-crypto-refresh-13, Section 5.5.5.2]	MPI(x)	MPI(r), MPI(s) [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.2]	N/A	[RFC-ietf-openpgp-crypto-refresh-13]
18	ECDH public key algorithm	OID, MPI(point in curve-specific point format), KDFParams [see [RFC-ietf-openpgp-crypto-refresh-13, Sections 9.2.1, 5.5.5.6]]	MPI(value in curve-specific format) [RFC-ietf-openpgp-crypto-refresh-13, Section 9.2.1]	N/A	MPI(point in curve-specific point format), size octet, encoded key [RFC-ietf-openpgp-crypto-refresh-13, Sections 9.2.1, 5.1.5, 11.5]	[RFC-ietf-openpgp-crypto-refresh-13]
19	ECDSA public key algorithm [FIPS186]	OID, MPI(point in SEC1 format) [RFC-ietf-openpgp-crypto-refresh-13, Section 5.5.5.4]	MPI(value)	MPI(r), MPI(s) [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.2]	N/A	[RFC-ietf-openpgp-crypto-refresh-13]
20	Reserved (formerly Elgamal Encrypt or Sign)					[RFC-ietf-openpgp-crypto-refresh-13]
21	Reserved for Diffie-Hellman (X9.42, as defined for IETF-S/MIME)					[RFC-ietf-openpgp-crypto-refresh-13]
22	EdDSALegacy (deprecated)	OOID, MPI(point in prefixed native format) [see [RFC-ietf-openpgp-crypto-refresh-13, Sections 11.2.2, 5.5.5.5]]	MPI(value in curve-specific format) [see [RFC-ietf-openpgp-crypto-refresh-13, Section 9.2.1]]	MPI, MPI [see [RFC-ietf-openpgp-crypto-refresh-13, Sections 9.2.1, 5.2.3.3]]	N/A	[RFC-ietf-openpgp-crypto-refresh-13]
23	Reserved (AEDH)					[RFC-ietf-openpgp-crypto-refresh-13]
24	Reserved (AEDSA)					[RFC-ietf-openpgp-crypto-refresh-13]
25	X25519	32 octets [see [RFC-ietf-openpgp-crypto-refresh-13, Section 5.5.5.7]]	32 octets	N/A	32 octets, size octet, encoded key [see [RFC-ietf-openpgp-crypto-refresh-13, Section 5.1.6]]	[RFC-ietf-openpgp-crypto-refresh-13]
26	X448	56 octets [see [RFC-ietf-openpgp-crypto-refresh-13, Section 5.5.5.8]]	56 octets	N/A	56 octets, size octet, encoded key [see [RFC-ietf-openpgp-crypto-refresh-13, Section 5.1.7]]	[RFC-ietf-openpgp-crypto-refresh-13]
27	Ed25519	32 octets [see [RFC-ietf-openpgp-crypto-refresh-13, Section 5.5.5.9]]	32 octets	64 octets [see [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.4]]		[RFC-ietf-openpgp-crypto-refresh-13]
28	Ed448	57 octets [see [RFC-ietf-openpgp-crypto-refresh-13, Section 5.5.5.10]]	57 octets	114 octets [see [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.5]]		[RFC-ietf-openpgp-crypto-refresh-13]
29-99	Unassigned
100-110	Private/Experimental algorithm
111-255	Unassigned

OpenPGP Symmetric Key Algorithms

Registration Procedure(s)

Specification Required

Expert(s)

Unassigned

Reference

[RFC-ietf-openpgp-crypto-refresh-13]

Note

When registering a new symmetric cipher with a block size of 64 or
128 bits and a key size that is a multiple of 64 bits, no new
considerations are needed.

If the new cipher has a different block size, there needs to be
additional documentation describing how to use the cipher in CFB
mode.

If the new cipher has an unusual key size, then padding needs to be
considered for X25519 and X448 keywrap, which currently needs no
padding.

Available Formats

CSV

ID	Algorithm	Reference
0	Plaintext or unencrypted data	[RFC-ietf-openpgp-crypto-refresh-13]
1	IDEA	[Lai, X., "On the design and security of block ciphers", ETH Series in Information Processing, J.L. Massey (editor), Vol. 1, Hartung-Gorre Verlag Knostanz, Technische Hochschule (Zurich), 1992][RFC-ietf-openpgp-crypto-refresh-13]
2	TripleDES (DES-EDE, [SP800-67] - 168 bit key derived from 192)	[RFC-ietf-openpgp-crypto-refresh-13]
3	CAST5 (128 bit key, as per [RFC2144])	[RFC-ietf-openpgp-crypto-refresh-13]
4	Blowfish (128 bit key, 16 rounds)	[BLOWFISH]
5	Reserved	[RFC-ietf-openpgp-crypto-refresh-13]
6	Reserved	[RFC-ietf-openpgp-crypto-refresh-13]
7	AES with 128-bit key	[AES]
8	AES with 192-bit key	[RFC-ietf-openpgp-crypto-refresh-13]
9	AES with 256-bit key	[RFC-ietf-openpgp-crypto-refresh-13]
10	Twofish with 256-bit key	[TWOFISH]
11	Camellia with 128-bit key	[RFC3713]
12	Camellia with 192-bit key	[RFC-ietf-openpgp-crypto-refresh-13]
13	Camellia with 256-bit key	[RFC-ietf-openpgp-crypto-refresh-13]
14-99	Unassigned
100-110	Private/Experimental algorithm	[RFC-ietf-openpgp-crypto-refresh-13]
111-252	Unassigned
253-255	Reserved to avoid collision with Secret Key Encryption (see the "OpenPGP Secret Key Encryption (S2K Usage Octet)" registry and [RFC-ietf-openpgp-crypto-refresh-13, Section 5.5.3])	[RFC-ietf-openpgp-crypto-refresh-13]

OpenPGP Hash Algorithms

Registration Procedure(s)

Specification Required

Expert(s)

Unassigned

Reference

[RFC-ietf-openpgp-crypto-refresh-13]

Note

When registering a new hash algorithm, if the algorithm is also to
be used with RSA signing schemes, it must also have an entry in the
"OpenPGP Hash Algorithm Identifiers for RSA Signatures use of
EMSA-PKCS1-v1_5 Padding" registry.

Available Formats

CSV

ID	Algorithm	Text Name	V6 Signature Salt Size	Reference
0	Reserved			[RFC-ietf-openpgp-crypto-refresh-13]
1	MD5	"MD5"	N/A	[RFC1321]
2	SHA-1	"SHA1"	N/A	[FIPS180][RFC-ietf-openpgp-crypto-refresh-13, Section 13.1]
3	RIPEMD-160	"RIPEMD160"	N/A	[RIPEMD-160]
4-7	Reserved			[RFC-ietf-openpgp-crypto-refresh-13]
8	SHA2-256	"SHA256"	16	[FIPS180]
9	SHA2-384	"SHA384"	24	[FIPS180]
10	SHA2-512	"SHA512"	32	[FIPS180]
11	SHA2-224	"SHA224"	16	[FIPS180]
12	SHA3-256	"SHA3-256"	16	[FIPS202]
13	Reserved			[RFC-ietf-openpgp-crypto-refresh-13]
14	SHA3-512	"SHA3-512"	32	[FIPS202]
15-99	Unassigned
100-110	Private/Experimental algorithm			[RFC-ietf-openpgp-crypto-refresh-13]
111-255	Unassigned

OpenPGP Compression Algorithms

Registration Procedure(s)

Specification Required

Expert(s)

Unassigned

Reference

[RFC-ietf-openpgp-crypto-refresh-13]

Available Formats

CSV

ID	Algorithm	Reference
0	Uncompressed	[RFC-ietf-openpgp-crypto-refresh-13]
1	ZIP	[RFC1951]
2	ZLIB	[RFC1950]
3	BZip2	[BZ2]
4-99	Unassigned	[RFC-ietf-openpgp-crypto-refresh-13]
100-110	Private/Experimental algorithm	[RFC-ietf-openpgp-crypto-refresh-13]
111-255	Unassigned	[RFC-ietf-openpgp-crypto-refresh-13]

OpenPGP Secret Key Encryption (S2K Usage Octet)

Registration Procedure(s)

Specification Required

Expert(s)

Unassigned

Reference

[RFC-ietf-openpgp-crypto-refresh-13]

Available Formats

CSV

S2K Usage Octet	Shorthand	Encryption Parameter Fields	Encryption	Generate?	Reference
0	Unprotected	-	v3 or v4 keys: [cleartext secrets \|\| check(secrets)] v6 keys: [cleartext secrets]	Yes	[RFC-ietf-openpgp-crypto-refresh-13]
Known symmetric cipher algo ID (see "OpenPGP Symmetric Key Algorithms" registry)	LegacyCFB	IV	CFB(MD5(passphrase), secrets \|\| check(secrets))	No	[RFC-ietf-openpgp-crypto-refresh-13]
253	AEAD	params-length (v6-only), cipher-algo, AEAD-mode, S2K-specifier-length (v6-only), S2K-specifier, nonce	AEAD(HKDF(S2K(passphrase), info), secrets, packetprefix)	Yes	[RFC-ietf-openpgp-crypto-refresh-13]
254	CFB	params-length (v6-only), cipher-algo, S2K-specifier-length (v6-only), S2K-specifier, IV	CFB(S2K(passphrase), secrets \|\| SHA1(secrets))	Yes	[RFC-ietf-openpgp-crypto-refresh-13]
255	MalleableCFB	cipher-algo, S2K-specifier, IV	CFB(S2K(passphrase), secrets \|\| check(secrets))	No	[RFC-ietf-openpgp-crypto-refresh-13]

OpenPGP Signature Types

Registration Procedure(s)

Specification Required

Expert(s)

Unassigned

Reference

[RFC-ietf-openpgp-crypto-refresh-13]

Available Formats

CSV

ID	Name	Reference
0x00	Binary Signature	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.1.1]
0x01	Text Signature	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.1.2]
0x02	Standalone Signature	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.1.3]
0x03-0x0F	Unassigned
0x10	Generic Certification	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.1.4]
0x11	Persona Certification	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.1.5]
0x12	Casual Certification	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.1.6]
0x13	Positive Certification	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.1.7]
0x14-0x17	Unassigned
0x18	Subkey Binding Signature	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.1.8]
0x19	Primary Key Binding Signature	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.1.9]
0x1A-0x1E	Unassigned
0x1F	Direct Key Signature	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.1.10]
0x20	Key Revocation	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.1.11]
0x21-0x27	Unassigned
0x28	Subkey Revocation	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.1.12]
0x29-0x2F	Unassigned
0x30	Certification Revocation	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.1.13]
0x31-0x3F	Unassigned
0x40	Timestamp Signature	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.1.14]
0x41-0x4F	Unassigned
0x50	Third-Party Confirmation	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.1.15]
0x51-0xFE	Unassigned
0xFF	Reserved	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.1.16]

OpenPGP Signature Notation Data Subpacket Notation Flags

Registration Procedure(s)

Specification Required

Expert(s)

Unassigned

Reference

[RFC-ietf-openpgp-crypto-refresh-13]

Available Formats

CSV

Flag Position	Shorthand	Description	Reference
0x80000000 (first bit of first octet)	human-readable	Notation value is UTF-8 text.	[RFC-ietf-openpgp-crypto-refresh-13]

OpenPGP Signature Notation Data Subpacket Types

Registration Procedure(s)

Specification Required

Expert(s)

Unassigned

Reference

[RFC-ietf-openpgp-crypto-refresh-13]

Note

Notation names are arbitrary Unicode strings encoded in UTF-8. They
reside in two namespaces: The IETF namespace and the user namespace.

This registry documents the IETF namespace. The names in this
registry MUST NOT contain the "@" character (0x40), since the
presence of that character indicates the user namespace.

Notation Name	Data Type	Allowed Values	Reference
No registrations at this time.

OpenPGP Key ID and Fingerprint

Registration Procedure(s)

RFC Required

Reference

[RFC-ietf-openpgp-crypto-refresh-13]

Note

When a new key version is defined, the "OpenPGP Key and Signature
Versions" registry should also be updated.

Available Formats

CSV

Key Version	Fingerprint	Fingerprint Length (Bits)	Key ID	Reference
3	MD5(MPIs without length octets)	128	low 64 bits of RSA modulus	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.5.4.1]
4	SHA1(normalized pubkey packet)	160	last 64 bits of fingerprint	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.5.4.2]
6	SHA256(normalized pubkey packet)	256	first 64 bits of fingerprint	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.5.4.3]

OpenPGP Image Attribute Version

Registration Procedure(s)

Specification Required

Expert(s)

Unassigned

Reference

[RFC-ietf-openpgp-crypto-refresh-13]

Available Formats

CSV

Version	Reference
1	[RFC-ietf-openpgp-crypto-refresh-13, Section 5.12.1]

OpenPGP Armor Header Line

Registration Procedure(s)

Specification Required

Expert(s)

Unassigned

Reference

[RFC-ietf-openpgp-crypto-refresh-13]

Available Formats

CSV

Armor Header	Use	Reference
BEGIN PGP MESSAGE	Used for signed, encrypted, or compressed files.	[RFC-ietf-openpgp-crypto-refresh-13]
BEGIN PGP PUBLIC KEY BLOCK	Used for armoring public keys.	[RFC-ietf-openpgp-crypto-refresh-13]
BEGIN PGP PRIVATE KEY BLOCK	Used for armoring private keys.	[RFC-ietf-openpgp-crypto-refresh-13]
BEGIN PGP SIGNATURE	Used for detached signatures, OpenPGP/MIME signatures, and cleartext signatures.	[RFC-ietf-openpgp-crypto-refresh-13]

OpenPGP Armor Header Key

Registration Procedure(s)

Specification Required

Expert(s)

Unassigned

Reference

[RFC-ietf-openpgp-crypto-refresh-13]

Available Formats

CSV

Key	Summary	Reference
Version	Implementation information	[RFC-ietf-openpgp-crypto-refresh-13, Section 6.2.2.1]
Comment	Arbitrary text	[RFC-ietf-openpgp-crypto-refresh-13, Section 6.2.2.2]
Hash	Hash algorithms used in some v4 cleartext signed messages	[RFC-ietf-openpgp-crypto-refresh-13, Section 6.2.2.3]
Charset	Character set	[RFC-ietf-openpgp-crypto-refresh-13, Section 6.2.2.4]

OpenPGP ECC Curve OID and Usage

Registration Procedure(s)

Specification Required

Expert(s)

Unassigned

Reference

[RFC-ietf-openpgp-crypto-refresh-13]

Note

When a new elliptic curve is registered for use with OpenPGP, it
should also be added to the "OpenPGP ECC Curve-specific Wire
Formats" registry. If it is used for ECDH, also add it to the
"OpenPGP ECDH KDF and KEK Parameters" registry.

Available Formats

CSV

ASN.1 Object Identifier	OID Len	Curve OID Octets	Curve Name	Usage	Field Size (fsize)	Reference
1.2.840.10045.3.1.7	8	2A 86 48 CE 3D 03 01 07	NIST P-256	ECDSA, ECDH	32	[RFC-ietf-openpgp-crypto-refresh-13]
1.3.132.0.34	5	2B 81 04 00 22	NIST P-384	ECDSA, ECDH	48	[RFC-ietf-openpgp-crypto-refresh-13]
1.3.132.0.35	5	2B 81 04 00 23	NIST P-521	ECDSA, ECDH	66	[RFC-ietf-openpgp-crypto-refresh-13]
1.3.36.3.3.2.8.1.1.7	9	2B 24 03 03 02 08 01 01 07	brainpoolP256r1	ECDSA, ECDH	32	[RFC-ietf-openpgp-crypto-refresh-13]
1.3.36.3.3.2.8.1.1.11	9	2B 24 03 03 02 08 01 01 0B	brainpoolP384r1	ECDSA, ECDH	48	[RFC-ietf-openpgp-crypto-refresh-13]
1.3.36.3.3.2.8.1.1.13	9	2B 24 03 03 02 08 01 01 0D	brainpoolP512r1	ECDSA, ECDH	64	[RFC-ietf-openpgp-crypto-refresh-13]
1.3.6.1.4.1.11591.15.1	9	2B 06 01 04 01 DA 47 0F 01	Ed25519Legacy	EdDSALegacy	32	[RFC-ietf-openpgp-crypto-refresh-13]
1.3.6.1.4.1.3029.1.5.1	10	2B 06 01 04 01 97 55 01 05 01	Curve25519Legacy	ECDH	32	[RFC-ietf-openpgp-crypto-refresh-13]

OpenPGP ECC Curve-specific Wire Formats

Registration Procedure(s)

Specification Required

Expert(s)

Unassigned

Reference

[RFC-ietf-openpgp-crypto-refresh-13]

Available Formats

CSV

Curve	ECDH Point Format	ECDH Secret Key MPI	EdDSA Secret Key MPI	EdDSA Signature first MPI	EdDSA Signature second MPI	Reference
NIST P-256	SEC1	integer	N/A	N/A	N/A	[RFC-ietf-openpgp-crypto-refresh-13]
NIST P-384	SEC1	integer	N/A	N/A	N/A	[RFC-ietf-openpgp-crypto-refresh-13]
NIST P-521	SEC1	integer	N/A	N/A	N/A	[RFC-ietf-openpgp-crypto-refresh-13]
brainpoolP256r1	SEC1	integer	N/A	N/A	N/A	[RFC-ietf-openpgp-crypto-refresh-13]
brainpoolP384r1	SEC1	integer	N/A	N/A	N/A	[RFC-ietf-openpgp-crypto-refresh-13]
brainpoolP512r1	SEC1	integer	N/A	N/A	N/A	[RFC-ietf-openpgp-crypto-refresh-13]
Ed25519Legacy	N/A	N/A	32 octets of secret	32 octets of R	32 octets of S	[RFC-ietf-openpgp-crypto-refresh-13]
Curve25519Legacy	prefixed native	integer (see [RFC-ietf-openpgp-crypto-refresh-13, Section 5.5.5.6.1.1])	N/A	N/A	N/A	[RFC-ietf-openpgp-crypto-refresh-13]

OpenPGP Hash Algorithm Identifiers for RSA Signatures Use of EMSA-PKCS1-v1_5 Padding

Registration Procedure(s)

Specification Required

Expert(s)

Unassigned

Reference

[RFC-ietf-openpgp-crypto-refresh-13]

Available Formats

CSV

Hash Algorithm	OID	Full Hash Prefix	Reference
MD5	1.2.840.113549.2.5	0x30, 0x20, 0x30, 0x0C, 0x06, 0x08, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x02, 0x05, 0x05, 0x00, 0x04, 0x10	[RFC-ietf-openpgp-crypto-refresh-13]
SHA-1	1.3.14.3.2.26	0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A, 0x05, 0x00, 0x04, 0x14	[RFC-ietf-openpgp-crypto-refresh-13]
RIPEMD-160	1.3.36.3.2.1	0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2B, 0x24, 0x03, 0x02, 0x01, 0x05, 0x00, 0x04, 0x14	[RFC-ietf-openpgp-crypto-refresh-13]
SHA2-256	2.16.840.1.101.3.4.2.1	0x30, 0x31, 0x30, 0x0D, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20	[RFC-ietf-openpgp-crypto-refresh-13]
SHA2-384	2.16.840.1.101.3.4.2.2	0x30, 0x41, 0x30, 0x0D, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02, 0x05, 0x00, 0x04, 0x30	[RFC-ietf-openpgp-crypto-refresh-13]
SHA2-512	2.16.840.1.101.3.4.2.3	0x30, 0x51, 0x30, 0x0D, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x05, 0x00, 0x04, 0x40	[RFC-ietf-openpgp-crypto-refresh-13]
SHA2-224	2.16.840.1.101.3.4.2.4	0x30, 0x2D, 0x30, 0x0D, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x04, 0x05, 0x00, 0x04, 0x1C	[RFC-ietf-openpgp-crypto-refresh-13]
SHA3-256	2.16.840.1.101.3.4.2.8	0x30, 0x31, 0x30, 0x0D, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x08, 0x05, 0x00, 0x04, 0x20	[RFC-ietf-openpgp-crypto-refresh-13]
SHA3-512	2.16.840.1.101.3.4.2.10	0x30, 0x51, 0x30, 0x0D, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x0a, 0x05, 0x00, 0x04, 0x40	[RFC-ietf-openpgp-crypto-refresh-13]

OpenPGP AEAD Algorithms

Registration Procedure(s)

Specification Required

Expert(s)

Unassigned

Reference

[RFC-ietf-openpgp-crypto-refresh-13]

Available Formats

CSV

ID	Name	Nonce Length (Octets)	Authentication Tag Length (Octets)	Reference
0	Reserved			[RFC-ietf-openpgp-crypto-refresh-13]
1	EAX	16	16	[EAX]
2	OCB	15	16	[RFC7253]
3	GCM	12	16	[SP800-38D]
4-99	Unassigned
100-110	Private/Experimental algorithm			[RFC-ietf-openpgp-crypto-refresh-13]
111-255	Unassigned

OpenPGP Encrypted Message Packet Versions

Registration Procedure(s)

RFC Required

Reference

[RFC-ietf-openpgp-crypto-refresh-13]

Note

When a new version of SEIPD, PKESK, or SKESK are defined, consider
also adding a corresponding flag to the "OpenPGP Features Flags"
registry.

Available Formats

CSV

Version of Encrypted Data Payload	Version of Preceding Symmetric-Key ESK (If Any)	Version of Preceding Public-Key ESK (If Any)	Generate?	Reference
SED [RFC-ietf-openpgp-crypto-refresh-13, Section 5.7]	-	v2 PKESK [RFC2440]	No	[RFC-ietf-openpgp-crypto-refresh-13]
SED [RFC-ietf-openpgp-crypto-refresh-13, Section 5.7]	v4 SKESK [RFC-ietf-openpgp-crypto-refresh-13, Section 5.3.1]	v3 PKESK [RFC-ietf-openpgp-crypto-refresh-13, Section 5.1.1]	No	[RFC-ietf-openpgp-crypto-refresh-13]
v1 SEIPD [RFC-ietf-openpgp-crypto-refresh-13, Section 5.13.1]	v4 SKESK [RFC-ietf-openpgp-crypto-refresh-13, Section 5.3.1]	v3 PKESK [RFC-ietf-openpgp-crypto-refresh-13, Section 5.1.1]	Yes	[RFC-ietf-openpgp-crypto-refresh-13]
v2 SEIPD [RFC-ietf-openpgp-crypto-refresh-13, Section 5.13.2]	v6 SKESK [RFC-ietf-openpgp-crypto-refresh-13, Section 5.3.2]	v6 PKESK [RFC-ietf-openpgp-crypto-refresh-13, Section 5.1.2]	Yes	[RFC-ietf-openpgp-crypto-refresh-13]

OpenPGP Key and Signature Versions

Registration Procedure(s)

RFC Required

Reference

[RFC-ietf-openpgp-crypto-refresh-13]

Note

When a new key version is defined, the "OpenPGP Key ID and
Fingerprint" registry should also be updated.

Available Formats

CSV

Signing Key Version	Signature Packet Version	OPS Packet Version	Generate?	Reference
3 [RFC-ietf-openpgp-crypto-refresh-13, Section 5.5.2.1]	3 [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.2]	3 [RFC-ietf-openpgp-crypto-refresh-13, Section 5.4]	No	[RFC-ietf-openpgp-crypto-refresh-13]
4 [RFC-ietf-openpgp-crypto-refresh-13, Section 5.5.2.2]	3 [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.2]	3 [RFC-ietf-openpgp-crypto-refresh-13, Section 5.4]	No	[RFC-ietf-openpgp-crypto-refresh-13]
4 [RFC-ietf-openpgp-crypto-refresh-13, Section 5.5.2.2]	4 [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3]	3 [RFC-ietf-openpgp-crypto-refresh-13, Section 5.4]	Yes	[RFC-ietf-openpgp-crypto-refresh-13]
6 [RFC-ietf-openpgp-crypto-refresh-13, Section 5.5.2.3]	6 [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3]	6 [RFC-ietf-openpgp-crypto-refresh-13, Section 5.4]	Yes	[RFC-ietf-openpgp-crypto-refresh-13]

OpenPGP Elliptic Curve Point Wire Formats

Registration Procedure(s)

Specification Required

Expert(s)

Unassigned

Reference

[RFC-ietf-openpgp-crypto-refresh-13]

Available Formats

CSV

Name	Wire Format	Reference
SEC1	0x04 \|\| x \|\| y	[RFC-ietf-openpgp-crypto-refresh-13, Section 11.2.1]
Prefixed native	0x40 \|\| native	[RFC-ietf-openpgp-crypto-refresh-13, Section 11.2.2]

OpenPGP Elliptic Curve Scalar Encodings

Registration Procedure(s)

Specification Required

Expert(s)

Unassigned

Reference

[RFC-ietf-openpgp-crypto-refresh-13]

Available Formats

CSV

Type	Description	Reference
integer	An integer, big-endian encoded as a standard OpenPGP MPI	[RFC-ietf-openpgp-crypto-refresh-13, Section 3.2]
octet string	An octet string of fixed length, that may be shorter on the wire due to leading zeros being stripped by the MPI encoding, and may need to be zero-padded before use	[RFC-ietf-openpgp-crypto-refresh-13, Section 11.3.1]
prefixed N octets	An octet string of fixed length N, prefixed with octet 0x40 to ensure no leading zero octet	[RFC-ietf-openpgp-crypto-refresh-13, Section 11.3.2]

OpenPGP ECDH KDF and KEK Parameters

Registration Procedure(s)

Specification Required

Expert(s)

Unassigned

Reference

[RFC-ietf-openpgp-crypto-refresh-13]

Available Formats

CSV

Curve	Hash Algorithm	Symmetric Algorithm	Reference
NIST P-256	SHA2-256	AES-128	[RFC-ietf-openpgp-crypto-refresh-13]
NIST P-384	SHA2-384	AES-192	[RFC-ietf-openpgp-crypto-refresh-13]
NIST P-521	SHA2-512	AES-256	[RFC-ietf-openpgp-crypto-refresh-13]
brainpoolP256r1	SHA2-256	AES-128	[RFC-ietf-openpgp-crypto-refresh-13]
brainpoolP384r1	SHA2-384	AES-192	[RFC-ietf-openpgp-crypto-refresh-13]
brainpoolP512r1	SHA2-512	AES-256	[RFC-ietf-openpgp-crypto-refresh-13]
Curve25519Legacy	SHA2-256	AES-128	[RFC-ietf-openpgp-crypto-refresh-13]