Proton hosted the sixth OpenPGP Email Summit. Last month, developers from numerous OpenPGP-related projects came together at Proton’s headquarters in Geneva to work together and discuss the future of encrypted email using the OpenPGP standard. Proton had offered to host the sixth installment of the (normally) annual summit after the previous meeting in Berlin in 2019. However, that meeting was postponed due to the pandemic. Now, with lockdowns across Europe ending, we could finally come together again.
In attendance were developers from projects such as Thunderbird, Enigmail, and Proton Mail, OpenPGP implementations such as Sequoia-PGP, PGPainless, OpenPGP.js, and GopenPGP, and the German Federal Office for Information Security (BSI). The topics under discussion ranged from how to add post-quantum cryptography to OpenPGP to improving the usability of encrypted email.
The timing was fortuitous as the OpenPGP standard (RFC 4880) is currently in the last stages of receiving a “crypto refresh”, which modernizes the cryptographic primitives used in the standard, by adding more secure signing and encryption algorithms. The result of this will be published as a new RFC in the coming future. Discussions thus also turned to potential future topics for standardization after that work is done in a possible “re-chartering” of the OpenPGP Working Group.