Internet Assigned Numbers Authority OpenPGP Created 2024-01-19 Last Updated 2024-01-26 Available Formats [IMG] XML [IMG] HTML [IMG] Plain text Registries included below • OpenPGP String-to-Key (S2K) Types • OpenPGP Packet Types • OpenPGP User Attribute Subpacket Types • OpenPGP Image Attribute Encoding Format • OpenPGP Signature Subpacket Types • OpenPGP Key Server Preference Flags • OpenPGP Reason for Revocation Code • OpenPGP Features Flags • OpenPGP New Packet Versions (OBSOLETE) • OpenPGP Key Flags • OpenPGP Public Key Algorithms • OpenPGP Symmetric Key Algorithms • OpenPGP Hash Algorithms • OpenPGP Compression Algorithms • OpenPGP Secret Key Encryption (S2K Usage Octet) • OpenPGP Signature Types • OpenPGP Signature Notation Data Subpacket Notation Flags • OpenPGP Signature Notation Data Subpacket Types • OpenPGP Key ID and Fingerprint • OpenPGP Image Attribute Version • OpenPGP Armor Header Line • OpenPGP Armor Header Key • OpenPGP ECC Curve OID and Usage • OpenPGP ECC Curve-specific Wire Formats • OpenPGP Hash Algorithm Identifiers for RSA Signatures Use of EMSA-PKCS1-v1_5 Padding • OpenPGP AEAD Algorithms • OpenPGP Encrypted Message Packet Versions • OpenPGP Key and Signature Versions • OpenPGP Elliptic Curve Point Wire Formats • OpenPGP Elliptic Curve Scalar Encodings • OpenPGP ECDH KDF and KEK Parameters OpenPGP String-to-Key (S2K) Types Registration Procedure(s) Specification Required Expert(s) Unassigned Reference [RFC-ietf-openpgp-crypto-refresh-13] Available Formats [IMG] CSV ID S2K Type S2K Field Size (Octets) Generate? Reference 0 Simple S2K 2 No [RFC-ietf-openpgp-crypto-refresh-13, Section 3.7.1.1] 1 Salted S2K 10 Only when string is high entropy [RFC-ietf-openpgp-crypto-refresh-13, Section 3.7.1.2] 2 Reserved value No [RFC-ietf-openpgp-crypto-refresh-13] 3 Iterated and Salted S2K 11 Yes [RFC-ietf-openpgp-crypto-refresh-13, Section 3.7.1.3] 4 Argon2 20 Yes [RFC-ietf-openpgp-crypto-refresh-13, Section 3.7.1.4] 5-99 Unassigned 100-110 Private/Experimental S2K As appropriate [RFC-ietf-openpgp-crypto-refresh-13] 111-255 Unassigned OpenPGP Packet Types Registration Procedure(s) RFC Required Reference [RFC-ietf-openpgp-crypto-refresh-13] Available Formats [IMG] CSV ID Critical Packet Type Description Shorthand Reference 0 Yes Reserved - a packet tag MUST NOT have this packet type ID [RFC-ietf-openpgp-crypto-refresh-13] 1 Yes Public-Key Encrypted Session Key Packet PKESK [RFC-ietf-openpgp-crypto-refresh-13, Section 5.1] 2 Yes Signature Packet SIG [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2] 3 Yes Symmetric-Key Encrypted Session Key Packet SKESK [RFC-ietf-openpgp-crypto-refresh-13, Section 5.3] 4 Yes One-Pass Signature Packet OPS [RFC-ietf-openpgp-crypto-refresh-13, Section 5.4] 5 Yes Secret-Key Packet SECKEY [RFC-ietf-openpgp-crypto-refresh-13, Section 5.5.1.3] 6 Yes Public-Key Packet PUBKEY [RFC-ietf-openpgp-crypto-refresh-13, Section 5.5.1.1] 7 Yes Secret-Subkey Packet SECSUBKEY [RFC-ietf-openpgp-crypto-refresh-13, Section 5.5.1.4] 8 Yes Compressed Data Packet COMP [RFC-ietf-openpgp-crypto-refresh-13, Section 5.6] 9 Yes Symmetrically Encrypted Data Packet SED [RFC-ietf-openpgp-crypto-refresh-13, Section 5.7] 10 Yes Marker Packet MARKER [RFC-ietf-openpgp-crypto-refresh-13, Section 5.8] 11 Yes Literal Data Packet LIT [RFC-ietf-openpgp-crypto-refresh-13, Section 5.9] 12 Yes Trust Packet TRUST [RFC-ietf-openpgp-crypto-refresh-13, Section 5.10] 13 Yes User ID Packet UID [RFC-ietf-openpgp-crypto-refresh-13, Section 5.11] 14 Yes Public-Subkey Packet PUBSUBKEY [RFC-ietf-openpgp-crypto-refresh-13, Section 5.5.1.2] 15-16 Unassigned 17 Yes User Attribute Packet UAT [RFC-ietf-openpgp-crypto-refresh-13, Section 5.12] 18 Yes Symmetrically Encrypted and Integrity Protected Data Packet SEIPD [RFC-ietf-openpgp-crypto-refresh-13, Section 5.13] 19 Yes Reserved (formerly Modification Detection Code Packet) [RFC-ietf-openpgp-crypto-refresh-13, Section 5.13.1] 20 Yes Reserved [RFC-ietf-openpgp-crypto-refresh-13] 21 Yes Padding Packet PADDING [RFC-ietf-openpgp-crypto-refresh-13, Section 5.14] 22-39 Yes Unassigned Critical Packet 40-59 No Unassigned Non-Critical Packet 60-63 No Private or Experimental Values [RFC-ietf-openpgp-crypto-refresh-13] OpenPGP User Attribute Subpacket Types Registration Procedure(s) Specification Required Expert(s) Unassigned Reference [RFC-ietf-openpgp-crypto-refresh-13] Available Formats [IMG] CSV ID Attribute Subpacket Reference 0 Reserved [RFC-ietf-openpgp-crypto-refresh-13] 1 Image Attribute Subpacket [RFC-ietf-openpgp-crypto-refresh-13, Section 5.12.1] 2-99 Unassigned 100-110 Private/Experimental Use [RFC-ietf-openpgp-crypto-refresh-13] 111-255 Unassigned OpenPGP Image Attribute Encoding Format Registration Procedure(s) Specification Required Expert(s) Unassigned Reference [RFC-ietf-openpgp-crypto-refresh-13] Available Formats [IMG] CSV ID Encoding Reference 0 Reserved [RFC-ietf-openpgp-crypto-refresh-13] 1 JPEG [JPEG File Interchange Format] 2-99 Unassigned 100-110 Experimental or Private Use [RFC-ietf-openpgp-crypto-refresh-13] 111-255 Unassigned OpenPGP Signature Subpacket Types Registration Procedure(s) Specification Required Expert(s) Unassigned Reference [RFC-ietf-openpgp-crypto-refresh-13] Available Formats [IMG] CSV ID Description Reference 0 Reserved [RFC-ietf-openpgp-crypto-refresh-13] 1 Reserved [RFC-ietf-openpgp-crypto-refresh-13] 2 Signature Creation Time [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.11] 3 Signature Expiration Time [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.18] 4 Exportable Certification [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.19] 5 Trust Signature [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.21] 6 Regular Expression [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.22] 7 Revocable [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.20] 8 Reserved [RFC-ietf-openpgp-crypto-refresh-13] 9 Key Expiration Time [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.13] 10 Placeholder for backward compatibility [RFC-ietf-openpgp-crypto-refresh-13] 11 Preferred Symmetric Ciphers for v1 SEIPD [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.14] 12 Revocation Key (deprecated) [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.23] 13-15 Reserved [RFC-ietf-openpgp-crypto-refresh-13] 16 Issuer Key ID [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.12] 17-19 Reserved [RFC-ietf-openpgp-crypto-refresh-13] 20 Notation Data [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.24] 21 Preferred Hash Algorithms [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.16] 22 Preferred Compression Algorithms [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.17] 23 Key Server Preferences [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.25] 24 Preferred Key Server [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.26] 25 Primary User ID [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.27] 26 Policy URI [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.28] 27 Key Flags [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.29] 28 Signer's User ID [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.30] 29 Reason for Revocation [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.31] 30 Features [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.32] 31 Signature Target [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.33] 32 Embedded Signature [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.34] 33 Issuer Fingerprint [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.35] 34 Reserved [RFC-ietf-openpgp-crypto-refresh-13] 35 Intended Recipient Fingerprint [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.36] 37 Reserved (Attested Certifications) [RFC-ietf-openpgp-crypto-refresh-13] 38 Reserved (Key Block) [RFC-ietf-openpgp-crypto-refresh-13] 39 Preferred AEAD Ciphersuites [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.3.15] 40-99 Unassigned 100-110 Private or experimental [RFC-ietf-openpgp-crypto-refresh-13] 111-127 Unassigned OpenPGP Key Server Preference Flags Registration Procedure(s) Specification Required Expert(s) Unassigned Reference [RFC-ietf-openpgp-crypto-refresh-13] Note This is a variable length bit field. Available Formats [IMG] CSV Flag Shorthand Definition Reference 0x80... No-modify The keyholder requests that this key only be modified or updated by the keyholder or an [RFC-ietf-openpgp-crypto-refresh-13] administrator of the key server. OpenPGP Reason for Revocation Code Registration Procedure(s) Specification Required Expert(s) Unassigned Reference [RFC-ietf-openpgp-crypto-refresh-13] Available Formats [IMG] CSV Code Reason Reference 0 No reason specified (key revocations or cert revocations) [RFC-ietf-openpgp-crypto-refresh-13] 1 Key is superseded (key revocations) [RFC-ietf-openpgp-crypto-refresh-13] 2 Key material has been compromised (key revocations) [RFC-ietf-openpgp-crypto-refresh-13] 3 Key is retired and no longer used (key revocations) [RFC-ietf-openpgp-crypto-refresh-13] 4-31 Unassigned 32 User ID information is no longer valid (cert revocations) [RFC-ietf-openpgp-crypto-refresh-13] 33-99 Unassigned 100-110 Private Use [RFC-ietf-openpgp-crypto-refresh-13] OpenPGP Features Flags Registration Procedure(s) Specification Required Expert(s) Unassigned Reference [RFC-ietf-openpgp-crypto-refresh-13] Note This is a variable length bit field. Available Formats [IMG] CSV Feature Definition Reference 0x01... Symmetrically Encrypted Integrity Protected Data packet version 1 [RFC-ietf-openpgp-crypto-refresh-13, Section 5.13.1] 0x02... Reserved [RFC-ietf-openpgp-crypto-refresh-13] 0x04... Reserved [RFC-ietf-openpgp-crypto-refresh-13] 0x08... Symmetrically Encrypted Integrity Protected Data packet version 2 [RFC-ietf-openpgp-crypto-refresh-13, Section 5.13.2] OpenPGP New Packet Versions (OBSOLETE) Registration Procedure(s) Registry closed Reference [RFC-ietf-openpgp-crypto-refresh-13] Note Those wishing to use the removed "New Packet Versions" registry should instead register new versions of the relevant packets in the "OpenPGP Key and Signature Versions", "OpenPGP Key ID and Fingerprint" and "OpenPGP Encrypted Message Packet Versions" registries. No registrations at this time. OpenPGP Key Flags Registration Procedure(s) Specification Required Expert(s) Unassigned Reference [RFC-ietf-openpgp-crypto-refresh-13] Note This is a variable length bit field. Available Formats [IMG] CSV Flag Definition Reference 0x01... This key may be used to make User ID certifications (signature type IDs 0x10-0x13) or direct key [RFC-ietf-openpgp-crypto-refresh-13] signatures (signature type ID 0x1F) over other keys. 0x02... This key may be used to sign data. [RFC-ietf-openpgp-crypto-refresh-13] 0x04... This key may be used to encrypt communications. [RFC-ietf-openpgp-crypto-refresh-13] 0x08... This key may be used to encrypt storage. [RFC-ietf-openpgp-crypto-refresh-13] 0x10... The private component of this key may have been split by a secret-sharing mechanism. [RFC-ietf-openpgp-crypto-refresh-13] 0x20... This key may be used for authentication. [RFC-ietf-openpgp-crypto-refresh-13] 0x80... The private component of this key may be in the possession of more than one person. [RFC-ietf-openpgp-crypto-refresh-13] 0x0004... Reserved (ADSK) [RFC-ietf-openpgp-crypto-refresh-13] 0x0008... Reserved (timestamping) [RFC-ietf-openpgp-crypto-refresh-13] OpenPGP Public Key Algorithms Registration Procedure(s) Specification Required Expert(s) Unassigned Reference [RFC-ietf-openpgp-crypto-refresh-13] Available Formats [IMG] CSV ID Algorithm Public Key Format Secret Key Format Signature Format PKESK Format Reference 0 Reserved [RFC-ietf-openpgp-crypto-refresh-13] RSA (Encrypt or MPI(n), MPI(e) MPI(m**d mod n) MPI(m**e mod n) 1 Sign) [FIPS186] [RFC-ietf-openpgp-crypto-refresh-13, MPI(d), MPI(p), MPI(q), MPI(u) [RFC-ietf-openpgp-crypto-refresh-13, [RFC-ietf-openpgp-crypto-refresh-13, [RFC-ietf-openpgp-crypto-refresh-13] Section 5.5.5.1] Section 5.2.3.1] Section 5.1.3] RSA Encrypt-Only MPI(n), MPI(e) MPI(m**e mod n) 2 [FIPS186] [RFC-ietf-openpgp-crypto-refresh-13, MPI(d), MPI(p), MPI(q), MPI(u) N/A [RFC-ietf-openpgp-crypto-refresh-13, [RFC-ietf-openpgp-crypto-refresh-13] Section 5.5.5.1] Section 5.1.3] RSA Sign-Only MPI(n), MPI(e) MPI(m**d mod n) 3 [FIPS186] [RFC-ietf-openpgp-crypto-refresh-13, MPI(d), MPI(p), MPI(q), MPI(u) [RFC-ietf-openpgp-crypto-refresh-13, N/A [RFC-ietf-openpgp-crypto-refresh-13] Section 5.5.5.1] Section 5.2.3.1] 4-15 Unassigned Elgamal MPI(p), MPI(g), MPI(y) MPI(g**k mod p), MPI (m * y**k mod 16 (Encrypt-Only) [RFC-ietf-openpgp-crypto-refresh-13, MPI(x) N/A p) [RFC-ietf-openpgp-crypto-refresh-13] [ELGAMAL] Section 5.5.5.3] [RFC-ietf-openpgp-crypto-refresh-13, Section 5.1.4] DSA (Digital MPI(p), MPI(q), MPI(g), MPI(y) MPI(r), MPI(s) 17 Signature Algorithm) [RFC-ietf-openpgp-crypto-refresh-13, MPI(x) [RFC-ietf-openpgp-crypto-refresh-13, N/A [RFC-ietf-openpgp-crypto-refresh-13] [FIPS186] Section 5.5.5.2] Section 5.2.3.2] OID, MPI(point in curve-specific MPI(value in curve-specific format) MPI(point in curve-specific point 18 ECDH public key point format), KDFParams [see [RFC-ietf-openpgp-crypto-refresh-13, N/A format), size octet, encoded key [RFC-ietf-openpgp-crypto-refresh-13] algorithm [RFC-ietf-openpgp-crypto-refresh-13, Section 9.2.1] [RFC-ietf-openpgp-crypto-refresh-13, Sections 9.2.1, 5.5.5.6]] Sections 9.2.1, 5.1.5, 11.5] ECDSA public key OID, MPI(point in SEC1 format) MPI(r), MPI(s) 19 algorithm [FIPS186] [RFC-ietf-openpgp-crypto-refresh-13, MPI(value) [RFC-ietf-openpgp-crypto-refresh-13, N/A [RFC-ietf-openpgp-crypto-refresh-13] Section 5.5.5.4] Section 5.2.3.2] Reserved (formerly 20 Elgamal Encrypt or [RFC-ietf-openpgp-crypto-refresh-13] Sign) Reserved for 21 Diffie-Hellman [RFC-ietf-openpgp-crypto-refresh-13] (X9.42, as defined for IETF-S/MIME) OOID, MPI(point in prefixed native MPI(value in curve-specific format) MPI, MPI [see 22 EdDSALegacy format) [see [see [RFC-ietf-openpgp-crypto-refresh-13, N/A [RFC-ietf-openpgp-crypto-refresh-13] (deprecated) [RFC-ietf-openpgp-crypto-refresh-13, [RFC-ietf-openpgp-crypto-refresh-13, Sections 9.2.1, 5.2.3.3]] Sections 11.2.2, 5.5.5.5]] Section 9.2.1]] 23 Reserved (AEDH) [RFC-ietf-openpgp-crypto-refresh-13] 24 Reserved (AEDSA) [RFC-ietf-openpgp-crypto-refresh-13] 32 octets [see 32 octets, size octet, encoded key 25 X25519 [RFC-ietf-openpgp-crypto-refresh-13, 32 octets N/A [see [RFC-ietf-openpgp-crypto-refresh-13] Section 5.5.5.7]] [RFC-ietf-openpgp-crypto-refresh-13, Section 5.1.6]] 56 octets [see 56 octets, size octet, encoded key 26 X448 [RFC-ietf-openpgp-crypto-refresh-13, 56 octets N/A [see [RFC-ietf-openpgp-crypto-refresh-13] Section 5.5.5.8]] [RFC-ietf-openpgp-crypto-refresh-13, Section 5.1.7]] 32 octets [see 64 octets [see 27 Ed25519 [RFC-ietf-openpgp-crypto-refresh-13, 32 octets [RFC-ietf-openpgp-crypto-refresh-13, [RFC-ietf-openpgp-crypto-refresh-13] Section 5.5.5.9]] Section 5.2.3.4]] 57 octets [see 114 octets [see 28 Ed448 [RFC-ietf-openpgp-crypto-refresh-13, 57 octets [RFC-ietf-openpgp-crypto-refresh-13, [RFC-ietf-openpgp-crypto-refresh-13] Section 5.5.5.10]] Section 5.2.3.5]] 29-99 Unassigned 100-110 Private/Experimental algorithm 111-255 Unassigned OpenPGP Symmetric Key Algorithms Registration Procedure(s) Specification Required Expert(s) Unassigned Reference [RFC-ietf-openpgp-crypto-refresh-13] Note When registering a new symmetric cipher with a block size of 64 or 128 bits and a key size that is a multiple of 64 bits, no new considerations are needed. If the new cipher has a different block size, there needs to be additional documentation describing how to use the cipher in CFB mode. If the new cipher has an unusual key size, then padding needs to be considered for X25519 and X448 keywrap, which currently needs no padding. Available Formats [IMG] CSV ID Algorithm Reference 0 Plaintext or unencrypted data [RFC-ietf-openpgp-crypto-refresh-13] [Lai, X., "On the design and security of block ciphers", ETH Series in 1 IDEA Information Processing, J.L. Massey (editor), Vol. 1, Hartung-Gorre Verlag Knostanz, Technische Hochschule (Zurich), 1992][RFC-ietf-openpgp-crypto-refresh-13] 2 TripleDES (DES-EDE, [SP800-67] - 168 bit key derived from 192) [RFC-ietf-openpgp-crypto-refresh-13] 3 CAST5 (128 bit key, as per [RFC2144]) [RFC-ietf-openpgp-crypto-refresh-13] 4 Blowfish (128 bit key, 16 rounds) [BLOWFISH] 5 Reserved [RFC-ietf-openpgp-crypto-refresh-13] 6 Reserved [RFC-ietf-openpgp-crypto-refresh-13] 7 AES with 128-bit key [AES] 8 AES with 192-bit key [RFC-ietf-openpgp-crypto-refresh-13] 9 AES with 256-bit key [RFC-ietf-openpgp-crypto-refresh-13] 10 Twofish with 256-bit key [TWOFISH] 11 Camellia with 128-bit key [RFC3713] 12 Camellia with 192-bit key [RFC-ietf-openpgp-crypto-refresh-13] 13 Camellia with 256-bit key [RFC-ietf-openpgp-crypto-refresh-13] 14-99 Unassigned 100-110 Private/Experimental algorithm [RFC-ietf-openpgp-crypto-refresh-13] 111-252 Unassigned Reserved to avoid collision with Secret Key Encryption (see 253-255 the "OpenPGP Secret Key Encryption (S2K Usage Octet)" registry [RFC-ietf-openpgp-crypto-refresh-13] and [RFC-ietf-openpgp-crypto-refresh-13, Section 5.5.3]) OpenPGP Hash Algorithms Registration Procedure(s) Specification Required Expert(s) Unassigned Reference [RFC-ietf-openpgp-crypto-refresh-13] Note When registering a new hash algorithm, if the algorithm is also to be used with RSA signing schemes, it must also have an entry in the "OpenPGP Hash Algorithm Identifiers for RSA Signatures use of EMSA-PKCS1-v1_5 Padding" registry. Available Formats [IMG] CSV ID Algorithm Text Name V6 Signature Salt Size Reference 0 Reserved [RFC-ietf-openpgp-crypto-refresh-13] 1 MD5 "MD5" N/A [RFC1321] 2 SHA-1 "SHA1" N/A [FIPS180][RFC-ietf-openpgp-crypto-refresh-13, Section 13.1] 3 RIPEMD-160 "RIPEMD160" N/A [RIPEMD-160] 4-7 Reserved [RFC-ietf-openpgp-crypto-refresh-13] 8 SHA2-256 "SHA256" 16 [FIPS180] 9 SHA2-384 "SHA384" 24 [FIPS180] 10 SHA2-512 "SHA512" 32 [FIPS180] 11 SHA2-224 "SHA224" 16 [FIPS180] 12 SHA3-256 "SHA3-256" 16 [FIPS202] 13 Reserved [RFC-ietf-openpgp-crypto-refresh-13] 14 SHA3-512 "SHA3-512" 32 [FIPS202] 15-99 Unassigned 100-110 Private/Experimental algorithm [RFC-ietf-openpgp-crypto-refresh-13] 111-255 Unassigned OpenPGP Compression Algorithms Registration Procedure(s) Specification Required Expert(s) Unassigned Reference [RFC-ietf-openpgp-crypto-refresh-13] Available Formats [IMG] CSV ID Algorithm Reference 0 Uncompressed [RFC-ietf-openpgp-crypto-refresh-13] 1 ZIP [RFC1951] 2 ZLIB [RFC1950] 3 BZip2 [BZ2] 4-99 Unassigned [RFC-ietf-openpgp-crypto-refresh-13] 100-110 Private/Experimental algorithm [RFC-ietf-openpgp-crypto-refresh-13] 111-255 Unassigned [RFC-ietf-openpgp-crypto-refresh-13] OpenPGP Secret Key Encryption (S2K Usage Octet) Registration Procedure(s) Specification Required Expert(s) Unassigned Reference [RFC-ietf-openpgp-crypto-refresh-13] Available Formats [IMG] CSV S2K Usage Octet Shorthand Encryption Parameter Fields Encryption Generate? Reference v3 or v4 keys: [cleartext secrets 0 Unprotected - || check(secrets)] v6 keys: Yes [RFC-ietf-openpgp-crypto-refresh-13] [cleartext secrets] Known symmetric cipher algo ID (see CFB(MD5(passphrase), secrets || "OpenPGP Symmetric LegacyCFB IV check(secrets)) No [RFC-ietf-openpgp-crypto-refresh-13] Key Algorithms" registry) params-length (v6-only), cipher-algo, AEAD-mode, AEAD(HKDF(S2K(passphrase), info), 253 AEAD S2K-specifier-length secrets, packetprefix) Yes [RFC-ietf-openpgp-crypto-refresh-13] (v6-only), S2K-specifier, nonce params-length (v6-only), 254 CFB cipher-algo, CFB(S2K(passphrase), secrets || Yes [RFC-ietf-openpgp-crypto-refresh-13] S2K-specifier-length SHA1(secrets)) (v6-only), S2K-specifier, IV 255 MalleableCFB cipher-algo, S2K-specifier, IV CFB(S2K(passphrase), secrets || No [RFC-ietf-openpgp-crypto-refresh-13] check(secrets)) OpenPGP Signature Types Registration Procedure(s) Specification Required Expert(s) Unassigned Reference [RFC-ietf-openpgp-crypto-refresh-13] Available Formats [IMG] CSV ID Name Reference 0x00 Binary Signature [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.1.1] 0x01 Text Signature [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.1.2] 0x02 Standalone Signature [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.1.3] 0x03-0x0F Unassigned 0x10 Generic Certification [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.1.4] 0x11 Persona Certification [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.1.5] 0x12 Casual Certification [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.1.6] 0x13 Positive Certification [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.1.7] 0x14-0x17 Unassigned 0x18 Subkey Binding Signature [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.1.8] 0x19 Primary Key Binding Signature [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.1.9] 0x1A-0x1E Unassigned 0x1F Direct Key Signature [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.1.10] 0x20 Key Revocation [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.1.11] 0x21-0x27 Unassigned 0x28 Subkey Revocation [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.1.12] 0x29-0x2F Unassigned 0x30 Certification Revocation [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.1.13] 0x31-0x3F Unassigned 0x40 Timestamp Signature [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.1.14] 0x41-0x4F Unassigned 0x50 Third-Party Confirmation [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.1.15] 0x51-0xFE Unassigned 0xFF Reserved [RFC-ietf-openpgp-crypto-refresh-13, Section 5.2.1.16] OpenPGP Signature Notation Data Subpacket Notation Flags Registration Procedure(s) Specification Required Expert(s) Unassigned Reference [RFC-ietf-openpgp-crypto-refresh-13] Available Formats [IMG] CSV Flag Position Shorthand Description Reference 0x80000000 (first bit of first octet) human-readable Notation value is UTF-8 text. [RFC-ietf-openpgp-crypto-refresh-13] OpenPGP Signature Notation Data Subpacket Types Registration Procedure(s) Specification Required Expert(s) Unassigned Reference [RFC-ietf-openpgp-crypto-refresh-13] Note Notation names are arbitrary Unicode strings encoded in UTF-8. They reside in two namespaces: The IETF namespace and the user namespace. This registry documents the IETF namespace. The names in this registry MUST NOT contain the "@" character (0x40), since the presence of that character indicates the user namespace. Notation Name Data Type Allowed Values Reference No registrations at this time. OpenPGP Key ID and Fingerprint Registration Procedure(s) RFC Required Reference [RFC-ietf-openpgp-crypto-refresh-13] Note When a new key version is defined, the "OpenPGP Key and Signature Versions" registry should also be updated. Available Formats [IMG] CSV Key Version Fingerprint Fingerprint Length Key ID Reference (Bits) 3 MD5(MPIs without length octets) 128 low 64 bits of RSA [RFC-ietf-openpgp-crypto-refresh-13, Section 5.5.4.1] modulus 4 SHA1(normalized pubkey packet) 160 last 64 bits of [RFC-ietf-openpgp-crypto-refresh-13, Section 5.5.4.2] fingerprint 6 SHA256(normalized pubkey 256 first 64 bits of [RFC-ietf-openpgp-crypto-refresh-13, Section 5.5.4.3] packet) fingerprint OpenPGP Image Attribute Version Registration Procedure(s) Specification Required Expert(s) Unassigned Reference [RFC-ietf-openpgp-crypto-refresh-13] Available Formats [IMG] CSV Version Reference 1 [RFC-ietf-openpgp-crypto-refresh-13, Section 5.12.1] OpenPGP Armor Header Line Registration Procedure(s) Specification Required Expert(s) Unassigned Reference [RFC-ietf-openpgp-crypto-refresh-13] Available Formats [IMG] CSV Armor Header Use Reference BEGIN PGP MESSAGE Used for signed, encrypted, or compressed files. [RFC-ietf-openpgp-crypto-refresh-13] BEGIN PGP PUBLIC KEY BLOCK Used for armoring public keys. [RFC-ietf-openpgp-crypto-refresh-13] BEGIN PGP PRIVATE KEY BLOCK Used for armoring private keys. [RFC-ietf-openpgp-crypto-refresh-13] BEGIN PGP SIGNATURE Used for detached signatures, OpenPGP/MIME signatures, and cleartext [RFC-ietf-openpgp-crypto-refresh-13] signatures. OpenPGP Armor Header Key Registration Procedure(s) Specification Required Expert(s) Unassigned Reference [RFC-ietf-openpgp-crypto-refresh-13] Available Formats [IMG] CSV Key Summary Reference Version Implementation information [RFC-ietf-openpgp-crypto-refresh-13, Section 6.2.2.1] Comment Arbitrary text [RFC-ietf-openpgp-crypto-refresh-13, Section 6.2.2.2] Hash Hash algorithms used in some v4 cleartext signed messages [RFC-ietf-openpgp-crypto-refresh-13, Section 6.2.2.3] Charset Character set [RFC-ietf-openpgp-crypto-refresh-13, Section 6.2.2.4] OpenPGP ECC Curve OID and Usage Registration Procedure(s) Specification Required Expert(s) Unassigned Reference [RFC-ietf-openpgp-crypto-refresh-13] Note When a new elliptic curve is registered for use with OpenPGP, it should also be added to the "OpenPGP ECC Curve-specific Wire Formats" registry. If it is used for ECDH, also add it to the "OpenPGP ECDH KDF and KEK Parameters" registry. Available Formats [IMG] CSV ASN.1 Object Identifier OID Len Curve OID Octets Curve Name Usage Field Size (fsize) Reference 1.2.840.10045.3.1.7 8 2A 86 48 CE 3D 03 01 07 NIST P-256 ECDSA, ECDH 32 [RFC-ietf-openpgp-crypto-refresh-13] 1.3.132.0.34 5 2B 81 04 00 22 NIST P-384 ECDSA, ECDH 48 [RFC-ietf-openpgp-crypto-refresh-13] 1.3.132.0.35 5 2B 81 04 00 23 NIST P-521 ECDSA, ECDH 66 [RFC-ietf-openpgp-crypto-refresh-13] 1.3.36.3.3.2.8.1.1.7 9 2B 24 03 03 02 08 01 01 07 brainpoolP256r1 ECDSA, ECDH 32 [RFC-ietf-openpgp-crypto-refresh-13] 1.3.36.3.3.2.8.1.1.11 9 2B 24 03 03 02 08 01 01 0B brainpoolP384r1 ECDSA, ECDH 48 [RFC-ietf-openpgp-crypto-refresh-13] 1.3.36.3.3.2.8.1.1.13 9 2B 24 03 03 02 08 01 01 0D brainpoolP512r1 ECDSA, ECDH 64 [RFC-ietf-openpgp-crypto-refresh-13] 1.3.6.1.4.1.11591.15.1 9 2B 06 01 04 01 DA 47 0F 01 Ed25519Legacy EdDSALegacy 32 [RFC-ietf-openpgp-crypto-refresh-13] 1.3.6.1.4.1.3029.1.5.1 10 2B 06 01 04 01 97 55 01 05 Curve25519Legacy ECDH 32 [RFC-ietf-openpgp-crypto-refresh-13] 01 OpenPGP ECC Curve-specific Wire Formats Registration Procedure(s) Specification Required Expert(s) Unassigned Reference [RFC-ietf-openpgp-crypto-refresh-13] Available Formats [IMG] CSV ECDH Point EdDSA EdDSA EdDSA Curve Format ECDH Secret Key MPI Secret Signature Signature Reference Key MPI first MPI second MPI NIST P-256 SEC1 integer N/A N/A N/A [RFC-ietf-openpgp-crypto-refresh-13] NIST P-384 SEC1 integer N/A N/A N/A [RFC-ietf-openpgp-crypto-refresh-13] NIST P-521 SEC1 integer N/A N/A N/A [RFC-ietf-openpgp-crypto-refresh-13] brainpoolP256r1 SEC1 integer N/A N/A N/A [RFC-ietf-openpgp-crypto-refresh-13] brainpoolP384r1 SEC1 integer N/A N/A N/A [RFC-ietf-openpgp-crypto-refresh-13] brainpoolP512r1 SEC1 integer N/A N/A N/A [RFC-ietf-openpgp-crypto-refresh-13] 32 Ed25519Legacy N/A N/A octets 32 octets of 32 octets of [RFC-ietf-openpgp-crypto-refresh-13] of R S secret prefixed integer (see Curve25519Legacy native [RFC-ietf-openpgp-crypto-refresh-13, Section N/A N/A N/A [RFC-ietf-openpgp-crypto-refresh-13] 5.5.5.6.1.1]) OpenPGP Hash Algorithm Identifiers for RSA Signatures Use of EMSA-PKCS1-v1_5 Padding Registration Procedure(s) Specification Required Expert(s) Unassigned Reference [RFC-ietf-openpgp-crypto-refresh-13] Available Formats [IMG] CSV Hash Algorithm OID Full Hash Prefix Reference MD5 1.2.840.113549.2.5 0x30, 0x20, 0x30, 0x0C, 0x06, 0x08, 0x2A, 0x86, 0x48, 0x86, 0xF7, [RFC-ietf-openpgp-crypto-refresh-13] 0x0D, 0x02, 0x05, 0x05, 0x00, 0x04, 0x10 SHA-1 1.3.14.3.2.26 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A, [RFC-ietf-openpgp-crypto-refresh-13] 0x05, 0x00, 0x04, 0x14 RIPEMD-160 1.3.36.3.2.1 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2B, 0x24, 0x03, 0x02, 0x01, [RFC-ietf-openpgp-crypto-refresh-13] 0x05, 0x00, 0x04, 0x14 SHA2-256 2.16.840.1.101.3.4.2.1 0x30, 0x31, 0x30, 0x0D, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, [RFC-ietf-openpgp-crypto-refresh-13] 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20 SHA2-384 2.16.840.1.101.3.4.2.2 0x30, 0x41, 0x30, 0x0D, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, [RFC-ietf-openpgp-crypto-refresh-13] 0x03, 0x04, 0x02, 0x02, 0x05, 0x00, 0x04, 0x30 SHA2-512 2.16.840.1.101.3.4.2.3 0x30, 0x51, 0x30, 0x0D, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, [RFC-ietf-openpgp-crypto-refresh-13] 0x03, 0x04, 0x02, 0x03, 0x05, 0x00, 0x04, 0x40 SHA2-224 2.16.840.1.101.3.4.2.4 0x30, 0x2D, 0x30, 0x0D, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, [RFC-ietf-openpgp-crypto-refresh-13] 0x03, 0x04, 0x02, 0x04, 0x05, 0x00, 0x04, 0x1C SHA3-256 2.16.840.1.101.3.4.2.8 0x30, 0x31, 0x30, 0x0D, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, [RFC-ietf-openpgp-crypto-refresh-13] 0x03, 0x04, 0x02, 0x08, 0x05, 0x00, 0x04, 0x20 SHA3-512 2.16.840.1.101.3.4.2.10 0x30, 0x51, 0x30, 0x0D, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, [RFC-ietf-openpgp-crypto-refresh-13] 0x03, 0x04, 0x02, 0x0a, 0x05, 0x00, 0x04, 0x40 OpenPGP AEAD Algorithms Registration Procedure(s) Specification Required Expert(s) Unassigned Reference [RFC-ietf-openpgp-crypto-refresh-13] Available Formats [IMG] CSV ID Name Nonce Length (Octets) Authentication Tag Length (Octets) Reference 0 Reserved [RFC-ietf-openpgp-crypto-refresh-13] 1 EAX 16 16 [EAX] 2 OCB 15 16 [RFC7253] 3 GCM 12 16 [SP800-38D] 4-99 Unassigned 100-110 Private/Experimental algorithm [RFC-ietf-openpgp-crypto-refresh-13] 111-255 Unassigned OpenPGP Encrypted Message Packet Versions Registration Procedure(s) RFC Required Reference [RFC-ietf-openpgp-crypto-refresh-13] Note When a new version of SEIPD, PKESK, or SKESK are defined, consider also adding a corresponding flag to the "OpenPGP Features Flags" registry. Available Formats [IMG] CSV Version of Encrypted Data Payload Version of Preceding Symmetric-Key Version of Preceding Public-Key ESK Generate? Reference ESK (If Any) (If Any) SED [RFC-ietf-openpgp-crypto-refresh-13, - v2 PKESK [RFC2440] No [RFC-ietf-openpgp-crypto-refresh-13] Section 5.7] SED v4 SKESK v3 PKESK [RFC-ietf-openpgp-crypto-refresh-13, [RFC-ietf-openpgp-crypto-refresh-13, [RFC-ietf-openpgp-crypto-refresh-13, No [RFC-ietf-openpgp-crypto-refresh-13] Section 5.7] Section 5.3.1] Section 5.1.1] v1 SEIPD v4 SKESK v3 PKESK [RFC-ietf-openpgp-crypto-refresh-13, [RFC-ietf-openpgp-crypto-refresh-13, [RFC-ietf-openpgp-crypto-refresh-13, Yes [RFC-ietf-openpgp-crypto-refresh-13] Section 5.13.1] Section 5.3.1] Section 5.1.1] v2 SEIPD v6 SKESK v6 PKESK [RFC-ietf-openpgp-crypto-refresh-13, [RFC-ietf-openpgp-crypto-refresh-13, [RFC-ietf-openpgp-crypto-refresh-13, Yes [RFC-ietf-openpgp-crypto-refresh-13] Section 5.13.2] Section 5.3.2] Section 5.1.2] OpenPGP Key and Signature Versions Registration Procedure(s) RFC Required Reference [RFC-ietf-openpgp-crypto-refresh-13] Note When a new key version is defined, the "OpenPGP Key ID and Fingerprint" registry should also be updated. Available Formats [IMG] CSV Signing Key Version Signature Packet Version OPS Packet Version Generate? Reference 3 3 3 [RFC-ietf-openpgp-crypto-refresh-13, [RFC-ietf-openpgp-crypto-refresh-13, [RFC-ietf-openpgp-crypto-refresh-13, No [RFC-ietf-openpgp-crypto-refresh-13] Section 5.5.2.1] Section 5.2.2] Section 5.4] 4 3 3 [RFC-ietf-openpgp-crypto-refresh-13, [RFC-ietf-openpgp-crypto-refresh-13, [RFC-ietf-openpgp-crypto-refresh-13, No [RFC-ietf-openpgp-crypto-refresh-13] Section 5.5.2.2] Section 5.2.2] Section 5.4] 4 4 3 [RFC-ietf-openpgp-crypto-refresh-13, [RFC-ietf-openpgp-crypto-refresh-13, [RFC-ietf-openpgp-crypto-refresh-13, Yes [RFC-ietf-openpgp-crypto-refresh-13] Section 5.5.2.2] Section 5.2.3] Section 5.4] 6 6 6 [RFC-ietf-openpgp-crypto-refresh-13, [RFC-ietf-openpgp-crypto-refresh-13, [RFC-ietf-openpgp-crypto-refresh-13, Yes [RFC-ietf-openpgp-crypto-refresh-13] Section 5.5.2.3] Section 5.2.3] Section 5.4] OpenPGP Elliptic Curve Point Wire Formats Registration Procedure(s) Specification Required Expert(s) Unassigned Reference [RFC-ietf-openpgp-crypto-refresh-13] Available Formats [IMG] CSV Name Wire Format Reference SEC1 0x04 || x || y [RFC-ietf-openpgp-crypto-refresh-13, Section 11.2.1] Prefixed native 0x40 || native [RFC-ietf-openpgp-crypto-refresh-13, Section 11.2.2] OpenPGP Elliptic Curve Scalar Encodings Registration Procedure(s) Specification Required Expert(s) Unassigned Reference [RFC-ietf-openpgp-crypto-refresh-13] Available Formats [IMG] CSV Type Description Reference integer An integer, big-endian encoded as a standard OpenPGP MPI [RFC-ietf-openpgp-crypto-refresh-13, Section 3.2] An octet string of fixed length, that may be shorter on the wire due to octet string leading zeros being stripped by the MPI encoding, and may need to be [RFC-ietf-openpgp-crypto-refresh-13, Section 11.3.1] zero-padded before use prefixed N octets An octet string of fixed length N, prefixed with octet 0x40 to ensure no [RFC-ietf-openpgp-crypto-refresh-13, Section 11.3.2] leading zero octet OpenPGP ECDH KDF and KEK Parameters Registration Procedure(s) Specification Required Expert(s) Unassigned Reference [RFC-ietf-openpgp-crypto-refresh-13] Available Formats [IMG] CSV Curve Hash Algorithm Symmetric Algorithm Reference NIST P-256 SHA2-256 AES-128 [RFC-ietf-openpgp-crypto-refresh-13] NIST P-384 SHA2-384 AES-192 [RFC-ietf-openpgp-crypto-refresh-13] NIST P-521 SHA2-512 AES-256 [RFC-ietf-openpgp-crypto-refresh-13] brainpoolP256r1 SHA2-256 AES-128 [RFC-ietf-openpgp-crypto-refresh-13] brainpoolP384r1 SHA2-384 AES-192 [RFC-ietf-openpgp-crypto-refresh-13] brainpoolP512r1 SHA2-512 AES-256 [RFC-ietf-openpgp-crypto-refresh-13] Curve25519Legacy SHA2-256 AES-128 [RFC-ietf-openpgp-crypto-refresh-13] Licensing Terms