Pretty Good Privacy (PGP) 

(last updated 2007-11-20)

Registries included below:
- PGP String-to-Key (S2K)
- PGP Packet Types/Tags
- PGP User Attribute Types
- Image Format Subpacket Types
- Signature Subpacket Types
- Signature Notation Data Subpacket Types
- Key Server Preference Extensions
- Reasons for Revocation Extensions 
- Implementation Features
- New Packet Versions 
- Key Flags Extensions
- Public Key Algorithms
- Symmetric Key Algorithms 
- Hash Algorithms
- Compression Algorithms


Registry Name: PGP String-to-Key (S2K)
Reference: [RFC4880]
Registration Procedures: IETF consensus 

Registry:
ID       S2K Type                                         Reference
-------  -----------------------------------------------  ---------
0        Simple S2K                                       [RFC4880]
1        Salted S2K                                       [RFC4880]
2        Reserved value                                   [RFC4880]
3        Iterated and Salted S2K                          [RFC4880]
4-99     Unassigned                                       [RFC4880]
100-110  Private/Experimental S2K                         [RFC4880]
111-255  Available for assignment                         [RFC4880]


Registry Name: PGP Packet Types/Tags 
Reference: [RFC4880]
Registration Procedures: IETF consensus 

Registry:
Value  Attribute                                           Reference
-----  --------------------------------------------------  ---------
0      Reserved - a packet tag MUST NOT have this value    [RFC4880]
1      Public-Key Encrypted Session Key Packet             [RFC4880]
2      Signature Packet                                    [RFC4880]
3      Symmetric-Key Encrypted Session Key Packet          [RFC4880]
4      One-Pass Signature Packet                           [RFC4880]
5      Secret Key Packet                                   [RFC4880]
6      Public Key Packet                                   [RFC4880]
7      Secret Subkey Packet                                [RFC4880]
8      Compressed Data Packet                              [RFC4880]
9      Symmetrically Encrypted Data Packet                 [RFC4880]
10     Marker Packet                                       [RFC4880]
11     Literal Data Packet                                 [RFC4880]
12     Trust Packet                                        [RFC4880]
13     User ID Packet                                      [RFC4880]
14     Public Subkey Packet                                [RFC4880]
15-16  Unknown                                             
17     User Attribute Packet                               [RFC4880]
18     Sym. Encrypted and Integrity Protected Data Packet  [RFC4880]
19     Modification Detection Code Packet                  [RFC4880]
20-59  Unassigned                                          [RFC4880]
60-63  Private or Experimental Values                      [RFC4880]


Registry Name: PGP User Attribute Types 
Reference: [RFC4880]
Registration Procedures: IETF consensus 

Registry:
Value    Attribute                                  Reference
-------  -----------------------------------------  ---------
0        Reserved                                   [RFC4880]
1        image                                      [RFC4880]
2-99     Unassigned                                 [RFC4880]
100-110  Experimental or private use                [RFC4880]
111-255  Unassigned                                 [RFC4880]


Registry Name: Image Format Subpacket Types
Reference: [RFC4880]
Registration Procedures: IETF consensus 

Registry:
Value    Attribute                                  Reference
-------  -----------------------------------------  ----------
0        Reserved                                   [RFC4880]
1        JPEG                                       [RFC4880]
2-99     Unassigned                                 [RFC4880]
100-110  Experimental or private use                [RFC4880]
111-255  Unassigned                                 [RFC4880]


Registry Name: Signature Subpacket Types
Reference: [RFC4880]
Registration Procedures: IETF consensus

Registry:
Value    Attribute                                           Reference
-------  --------------------------------------------------  ---------
0        Reserved
1        Reserved
2        signature creation time                             [RFC4880]
3        signature expiration time                           [RFC4880]
4        exportable certification                            [RFC4880]
5        trust signature                                     [RFC4880]
6        regular expression                                  [RFC4880]
7        revocable                                           [RFC4880]
8        Reserved
9        key expiration time                                 [RFC4880]
10       placeholder for backward compatibility              [RFC4880]
11       preferred symmetric algorithms                      [RFC4880]
12       revocation key                                      [RFC4880]
13-15    Reserved
16       issuer key ID                                       [RFC4880]
17-19    Reserved
20       notation data                                       [RFC4880]
21       preferred hash algorithms                           [RFC4880]
22       preferred compression algorithms                    [RFC4880]
23       key server preferences                              [RFC4880]
24       preferred key server                                [RFC4880]
25       primary User ID                                     [RFC4880]
26       policy URI                                          [RFC4880]
27       key flags                                           [RFC4880]
28       signer's User ID                                    [RFC4880]
29       reason for revocation                               [RFC4880]
30       features                                            [RFC4880]
31       signature target                                    [RFC4880]
32       embedded signature                                  [RFC4880]
33-99    Unassigned
100-110  private or experimental                             [RFC4880]
111-127  Unassigned                                          [RFC4880]


Registry Name: Signature Notation Data Subpacket Types
Reference: [RFC4880]
Registration Procedures: Expert Review

Note:
Notation names are arbitrary strings encoded in
UTF-8. They reside in two name spaces: The IETF name
space and the user name space.

The IETF name space is registered with IANA. These
names MUST NOT contain the "@" character (0x40).
This is a tag for the user name space.

Registry:
Allowed values   Name      Type  Reference
--------------   --------  ----  ---------
There are no registrations at this time


Registry Name: Key Server Preference Extensions 
Reference: [RFC4880]
Registration Procedures: IETF Consensus

Note: This is a variable length bit field.

Registry: 
first octet  Extension                        Reference
-----------  -------------------------------  ---------
0x00-0x07    Unassigned                       [RFC4880]
0x80         No-modify                        [RFC4880]


Registry Name: Reason for Revocation Extensions
Reference: [RFC4880]
Registration Procedures: IETF Consensus

Registry:
Value    Flag                                                         Reference
-------  -----------------------------------------------------------  ---------
0        No reason specified (key revocations or cert revocations)    [RFC4880]
1        Key is superseded (key revocations)                          [RFC4880]
2        Key material has been compromised (key revocations)          [RFC4880]
3        Key is retired and no longer used (key revocations)          [RFC4880]
4-31     Unassigned
32       User ID information is no longer valid (cert revocations)    [RFC4880]
33-99    Unassigned
100-110  Private Use
111-255  Unassigned


Registry Name: Implementation Features
Reference: [RFC4880]
Registration Procedures: IETF Consensus

Registry:
First octet                                            Reference
-----------------------------------------------------  ---------
0x01 - Modification Detection (packets 18 and 19)      [RFC4880]
0x02-0x80  Unassigned                                  [RFC4880]


Registry Name: New Packet Versions
Reference: [RFC4880]
Registration Procedures: IETF Consensus 

Registry:
Name    Type     Allowed Values   Reference
----    ----     ---------------  ---------


Registry Name: Key Flags Extensions
Reference: [RFC4880]
Registration Procedures: IETF Consensus

Registry:
First octet                                               Reference
--------------------------------------------------------  ---------
0x01 - This key may be used to certify other keys.        [RFC4880]
0x02 - This key may be used to sign data.                 [RFC4880]
0x04 - This key may be used to encrypt communications.    [RFC4880]
0x08 - This key may be used to encrypt storage.           [RFC4880]
0x10 - The private component of this key may have been    [RFC4880]
       split by a secret-sharing mechanism.                     
0x20 - This key may be used for authentication.           [RFC4880]
0x80 - The private component of this key may be in the    [RFC4880]
       possession of more than one person.

Note:
The flags in this packet may appear in self-signatures or in
certification signatures. They mean different things depending on
who is making the statement -- for example, a certification
signature that has the "sign data" flag is stating that the
certification is for that use. On the other hand, the
"communications encryption" flag in a self-signature is stating a
preference that a given key be used for communications. Note
however, that it is a thorny issue to determine what is
"communications" and what is "storage." This decision is left wholly
up to the implementation; the authors of this document do not claim
any special wisdom on the issue, and realize that accepted opinion
may change.

The "split key" (0x10) and "group key" (0x80) flags are placed on a
self-signature only; they are meaningless on a certification
signature. They SHOULD be placed only on a direct-key signature
(type 0x1f) or a subkey signature (type 0x18), one that refers to
the key the flag applies to.


Registry Name: Public Key Algorithms
Reference: [RFC4880]
Registration Procedures: IETF Consensus

Registry:
ID       Algorithm                                                       Reference
-------  --------------------------------------------------------------  ---------
0        Reserved
1        RSA (Encrypt or Sign)                                           [HAC]
2        RSA Encrypt-Only
3        RSA Sign-Only
4-15     Unassigned                                                      [RFC4880]
16       Elgamal (Encrypt-Only)                                          [ELGAMAL][HAC]
17       DSA (Digital Signature Algorithm)                               [FIPS186][HAC]
18       Reserved for Elliptic Curve
19       Reserved for ECDSA
20       Reserved (formerly Elgamal Encrypt or Sign)
21       Reserved for Diffie-Hellman (X9.42, as defined for IETF-S/MIME)
22-99    Unassigned
100-110  Private/Experimental algorithm.
111-255  Unassigned


Registry Name: Symmetric Key Algorithms
Reference: [RFC4880]
Registration Procedures: IETF Consensus 

Registry:
ID       Algorithm                                       Reference
-------  ----------------------------------------------  ---------
0        Plaintext or unencrypted data                   [RFC4880]
1        IDEA                                            [IDEA]
2        TripleDES (DES-EDE, [SCHNEIER] [HAC] 168 bit 
         key derived from 192)
3        CAST5 (128 bit key, as per RFC 2144)
4        Blowfish (128 bit key, 16 rounds)               [BLOWFISH]
5        Reserved
6        Reserved
7        AES with 128-bit key                            [AES]
8        AES with 192-bit key                            [AES]
9        AES with 256-bit key                            [AES]
10       Twofish with 256-bit key                        [TWOFISH]
11-99    Unassigned                                      [RFC4880]
100-110  Private/Experimental algorithm                  [RFC4880]
111-255  Unassigned                                      [RFC4880]


Registry Name: Hash Algorithms
Reference: [RFC4880]
Registration Procedures: IETF Consensus 

Registry:
ID       Algorithm                         Text Name      Reference
-------  --------------------------------  -------------  --------------
1        MD5 (deprecated)                  "MD5"          [HAC][RFC1321]
2        SHA-1                             "SHA1"         [FIPS180]
3        RIPE-MD/160                       "RIPEMD160"    [HAC]
4-7      Reserved                                         [RFC4880]
8        SHA256                            "SHA256"       [FIPS180]
9        SHA384                            "SHA384"       [FIPS180]
10       SHA512                            "SHA512"       [FIPS180]
11       SHA224                            "SHA224"       [FIPS180]
4-99     Unassigned                                       [RFC4880]
100-110  Private/Experimental algorithm
111-255  Unassigned                                       [RFC4880]


Registry Name: Compression Algorithms 
Reference: [RFC4880]
Registration Procedures: IETF Consensus 

Registry:
ID       Algorithm                            Reference
-------  -----------------------------------  ---------
0        Uncompressed                         [RFC4880]
1        ZIP                                  [RFC1951]
2        ZLIB                                 [RFC1950]
3        BZip2                                [BZ2]
4-99     Unassigned                           [RFC4880]
100-110  Private/Experimental algorithm       [RFC4880]
111-255  Unassigned                           [RFC4880]


References
----------
[AES]      Advanced Encryption Standards Questions and Answers
           <http://csrc.nist.gov/encryption/aes/round2/aesfact.html>
           <http://csrc.nist.gov/encryption/aes/round2/r2algs.html#Rijndael>

[BLOWFISH] Schneier, B. "Description of a New Variable-Length 
           Key, 64-Bit Block Cipher (Blowfish)"
           Fast Software Encryption, Cambridge Security Workshop
           Proceedings (December 1993), Springer-Verlag, 1994,
           pp. 191-204
           <http://www.counterpane.com/bfsverlag.html>

[BZ2]      J. Seward, jseward&acm.org, "The Bzip2 and libbzip2
           home page" <http://www.bzip.org/>

[ELGAMAL]  T. Elgamal, "A Public-Key Cryptosystem and a
           Signature Scheme Based on Discrete Logarithms,"
           IEEE Transactions on Information Theory, v. IT-31,
           n. 4, 1985, pp. 469-472.

[FIPS186]  Digital Signature Standard (DSS) (FIPS PUB 186-2).
           <http://csrc.nist.gov/publications/fips/fips186-2/fips186-2-change1.pdf>
           FIPS 186-3 describes keys greater than 1024 bits.
           The latest draft is at:
           <http://csrc.nist.gov/publications/drafts/fips_186-3/Draft-FIPS-186-3%20_March2006.pdf>

[HAC]      Alfred Menezes, Paul van Oorschot, and Scott Vanstone, 
           "Handbook of Applied Cryptography," CRC Press, 1996.
           <http://www.cacr.math.uwaterloo.ca/hac/>

[IDEA]     Lai, X., "On the design and security of block
           ciphers", ETH Series in Information Processing,
           J.L. Massey (editor), Vol. 1, Hartung-Gorre Verlag
           Konstanz, Technische Hochschule (Zurich), 1992

[RFC1321]  R. Rivest, "The MD5 Message-Digest Algorithm", RFC 1321,
           April 1992.

[RFC1950]  P. Deutsch and J-L. Gailly, "ZLIB Compressed Data Format 
           Specification version 3.3", RFC 1950, May 1996.

[RFC1951]  P. Deutsch, "DEFLATE Compressed Data Format Specification 
           version 1.3", RFC 1951, May 1996. 

[RFC2434]  T. Narten and H. Alvestrand, "Guidelines for Writing 
           an IANA Considerations Section in RFCs", RFC 2434, 
           October 1998.

[RFC4880]  J. Callas, L. Donnerhacke, H. Finney, D. Shaw, R. Thayer, 
           "OpenPGP Message Format", RFC 4880, November 2007.

[TWOFISH]  B. Schneier, J. Kelsey, D. Whiting, D. Wagner, C.
           Hall, and N. Ferguson, "The Twofish Encryption
           Algorithm", John Wiley & Sons, 1999.


(registry created 2007-07-31)

