Ben Laurie, Curmudgeon, Google
Date: Thursday, 20 October 2005
Time: 10:45 - 11:30
Location: Amsterdam Room
PGP has been around in various forms since 1991. Now an IETF proposed standard, OpenPGP claims to be the most widely used email encryption standard in the world.
Yet the security benefits of authenticated encrypted communication, provided by OpenPGP, have a far wider potential application base than just email.
An OpenPGP SDK
A team led by Ben Laurie (of Apache-SSL fame) is to release an OpenPGP
SDK, a toolkit that will enable OpenPGP to be easily embedded in any application.
This toolkit is currently under consideration as an Apache Software Foundation project.
What's in the SDK?
The presentation will provide an overview of the capabilities and API of the SDK, together with a brief history of PGP. We will cover the design principles and long-term goals of the SDK.
Applications of the SDK, now and in the future
The SDK comes with some example low-level command-line tools to demonstrate usage and for testing purposes. These basic applications allow, for example, an OpenPGP keyring to be parsed with the contents written out in a human-readable format (a "packet dump"), an individual key to be created, or a PGP-encrypted message to be verified.
But the power of the SDK is when it is embedded in other applications: email (of course), online configuration management, business process management tools.
We will describe some more sophisticated example ideas to show how the OpenPGP SDK can be used to build authentication, privacy and auditability through traceability into tomorrow's applications.