High-Level API for Sequoia PGP: Implement PGP securely and easily

What is the project about?

OpenPGP is a widely used, decentralized Internet protocol that provides encryption, signing, and key management. Although it has been around since 1991, the tools are difficult to use—both for end users and developers. The goal of this project is to design and implement an easy-to-integrate API for Sequoia PGP. While such an API offers less functionality, it also requires less expertise from application developers and causes fewer errors during integration. Furthermore, the reduced freedom leads to more consistent workflows between applications. This also increases security: familiar processes are easier for users to use correctly and therefore more secure.

Which audience does the project address?

The target audience is application developers who want to support OpenPGP or migrate to Sequoia PGP. Indirectly, users will also benefit from an improved security architecture.

What is to be achieved?

This project will focus on high-level interfaces, which will make it easier to add OpenPGP support to existing software projects, and provide more consistent UX across programs. Unlike a low-levelAPI, a high-level API is opinionated, i.e. encourages the developer to implement it correctly. It provides a few functions for common workflows, and hides technical details.