GnuPG – OSTIF Goals

GnuPG is an open-source project for encrypting messages, primarily email. It uses only open standards for encryption and has no patented software implemented in the source. It supports modern strong cryptography and is widely used by the security and privacy community.

OSTIF Goals for GnuPG:

Primary goals:

-Establish a bug bounty to encourage close scrutiny by the worldwide security community.
-A full security audit of the code by a reputable group. This includes the cryptography, and implementations of the code in the most popular applications.

Secondary goals:

-Research and implement fixes for any vulnerabilities found in GnuPG through auditing that remain unpatched.
-Explore reproducible builds for popular GnuPG applications.
-Research and implement interoperability issues between GnuPG apps and other PGP applications.