One of the big obstacles to OpenPGP deployments that I've faced over time is
the perception that it's "too complicated", mostly based on the sheer size
of the current RFC. There are two things going on here:
1) Sections of the RFC define what you might call "extras", such as the
ASCII Armor (including a checksum unused elsewhere in the spec)
2) There are a lot of backwards-compatibility things (old-style lengths,
lots of different algorithms)
One of the things I've tried to work on to help in some of my use cases is
a modular description for a subset of OpenPGP that is (hopefully) easier to
immediately grok and/or implement. It is at
<https://github.com/singpolyma/openpgp-spec>
Is there any prior art on IETF specs having a "full" and "simple" form where
full implementations can read any output of simple ones, but not always
vice-versa? Given the (necessary) size of OpenPGP as a whole, it seems like
this might be worth considering.
--
Stephen Paul Weber, @singpolyma
See <http://singpolyma.net> for how I prefer to be contacted
edition right joseph
signature.asc
Description: Digital signature
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp