Glossary entry · Security primitive

PGP / OpenPGP
Pretty Good Privacy — public-key cryptography for humans

The cryptography that lets a stranger on the other side of the planet verify that a document is genuinely ours.

Definition
Plain English

A public-key cryptography scheme for signing and encrypting files, messages and software releases, originally written by Phil Zimmermann in 1991. Standardised as OpenPGP (RFC 4880, updated by RFC 9580 in 2024). The reference free-software implementation is GnuPG (gpg). Used to verify the integrity of software releases, sign emails, encrypt files at rest and authenticate identity over an out-of-band channel.

Why it matters at NordBastion

PGP is how we make our own statements verifiable.

TLS proves you are talking to a server controlled by the domain on the certificate; it does not prove that NordBastion the organisation said anything specific. For statements that need to be unforgeable — the warrant canary, the transparency reports, release artefacts, signed advisories — TLS is not enough. PGP is the missing layer.

Our public keys are listed on /pgp/ with fingerprints. The warrant canary is PGP-signed every period; the transparency report carries a detached signature; release archives ship with .asc files. Anyone with a copy of our public key can run `gpg --verify` and have cryptographic certainty that the document they hold was produced by the holder of the matching private key and has not been altered since.

The flip side: PGP only works if you check the fingerprint of the key against an independent source. The /pgp/ page lists the fingerprint, our Tor mirror lists it, our keybase / social profiles list it; you should compare at least two before trusting a freshly imported key. This is the inconvenient part of the protocol and it is also the part that gives the property the rest of the system actually wants.

FAQ · PGP

The questions people actually ask.

What does PGP actually do?

Two related things. First, it digitally signs files and messages so that anyone with your public key can verify a document genuinely came from you and was not tampered with — this is what the warrant canary, the transparency report and the release archives rely on. Second, it encrypts files and messages for a specific recipient so that only the holder of the matching private key can decrypt them.

What is the difference between PGP and OpenPGP?

PGP was the original program written by Phil Zimmermann in 1991, later commercialised. OpenPGP is the open standard derived from PGP's file format and protocol, first specified in RFC 2440 (1998) and currently defined by RFC 9580 (2024). When people say "PGP" today, they almost always mean an OpenPGP implementation — usually GnuPG (gpg), which is the free-software reference.
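To make "file format and protocol" concrete, here is an added example (not NordBastion code, and not taken from GnuPG or any other implementation) that walks the layers gpg goes through before it even reaches the signature maths: the ASCII armor with its CRC-24 checksum, the packet header (old and new format, since gpg still writes the old one), and the issuer-fingerprint subpacket that names the public key the signature must be checked against. The demo signature it builds is constructed for this page: the fingerprint bytes are arbitrary and the MPIs are placeholders, so it deliberately stops short of verifying anything.

```python
# OpenPGP (RFC 4880) plumbing: ASCII armor, CRC-24, packet framing, issuer fingerprint.
import base64
import struct

CRC24_INIT, CRC24_POLY = 0xB704CE, 0x1864CFB
SIGNATURE_PACKET = 2                                        # packet tag, section 5.2
SUB_ISSUER_KEY_ID, SUB_ISSUER_FINGERPRINT = 16, 33          # subpacket types

def crc24(data: bytes) -> int:
    """Armor checksum, straight from RFC 4880 section 6.1."""
    crc = CRC24_INIT
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= CRC24_POLY
    return crc & 0xFFFFFF

def armor(packets: bytes, kind: str = "PGP SIGNATURE") -> str:
    """Wrap binary packets in the text form shipped as a .asc file."""
    body = base64.b64encode(packets).decode()
    lines = [body[i:i + 64] for i in range(0, len(body), 64)]
    check = base64.b64encode(crc24(packets).to_bytes(3, "big")).decode()
    return "\n".join([f"-----BEGIN {kind}-----", ""] + lines
                     + ["=" + check, f"-----END {kind}-----"]) + "\n"

def dearmor(text: str) -> bytes:
    """Reverse of armor(); raises ValueError if the CRC-24 does not match."""
    lines = text.strip().splitlines()
    if not (lines[0].startswith("-----BEGIN ") and lines[-1].startswith("-----END ")):
        raise ValueError("missing armor header or tail line")
    # Base64 never contains ':', so this also drops armor headers (Version:, Comment:).
    inner = [ln.strip() for ln in lines[1:-1] if ln.strip() and ":" not in ln]
    if not inner or not inner[-1].startswith("="):
        raise ValueError("missing CRC-24 line")
    data = base64.b64decode("".join(inner[:-1]))
    if crc24(data) != int.from_bytes(base64.b64decode(inner[-1][1:]), "big"):
        raise ValueError("armor checksum mismatch: the file was altered")
    return data

def read_packet(data: bytes, offset: int = 0):
    """Parse one packet header, old or new format (section 4.2); return (tag, body, next)."""
    first = data[offset]
    if not first & 0x80:
        raise ValueError("not an OpenPGP packet")
    if first & 0x40:                                        # new format, section 4.2.2
        tag, b0 = first & 0x3F, data[offset + 1]
        if b0 < 192:
            length, hdr = b0, 2
        elif b0 < 224:
            length, hdr = ((b0 - 192) << 8) + data[offset + 2] + 192, 3
        else:
            raise ValueError("bodies over 8383 octets not handled in this demo")
    else:                                                   # old format, which gpg still emits
        tag, ltype = (first >> 2) & 0x0F, first & 0x03
        if ltype == 3:
            raise ValueError("indeterminate length not handled in this demo")
        hdr = 1 + (1 << ltype)
        length = int.from_bytes(data[offset + 1:offset + hdr], "big")
    return tag, data[offset + hdr:offset + hdr + length], offset + hdr + length

def parse_subpackets(blob: bytes):
    # Yields (type, body) for each signature subpacket (section 5.2.3.1).
    i = 0
    while i < len(blob):
        b0 = blob[i]
        if b0 < 192:
            length, i = b0, i + 1
        elif b0 < 255:
            length, i = ((b0 - 192) << 8) + blob[i + 1] + 192, i + 2
        else:
            raise ValueError("subpackets over 16319 octets not handled in this demo")
        yield blob[i] & 0x7F, blob[i + 1:i + length]        # length counts the type octet
        i += length

def signature_issuer(armored: str) -> dict:
    """Which key claims to have made this signature? The fingerprint is read from the
    hashed area, which the signature covers; the unhashed key ID is informational only."""
    tag, body, _ = read_packet(dearmor(armored))
    if tag != SIGNATURE_PACKET or body[0] != 4:
        raise ValueError("expected a version 4 signature packet")
    info = {"pk_algo": body[2], "hash_algo": body[3], "fingerprint": None, "key_id": None}
    hashed_len = struct.unpack(">H", body[4:6])[0]
    pos = 6 + hashed_len
    unhashed_len = struct.unpack(">H", body[pos:pos + 2])[0]
    for sub_type, sub in parse_subpackets(body[6:pos]):
        if sub_type == SUB_ISSUER_FINGERPRINT and sub[0] == 4:
            info["fingerprint"] = sub[1:].hex().upper()
    for sub_type, sub in parse_subpackets(body[pos + 2:pos + 2 + unhashed_len]):
        if sub_type == SUB_ISSUER_KEY_ID:
            info["key_id"] = sub.hex().upper()
    return info

# Constructed demo material: 20 arbitrary bytes standing in for a fingerprint.
DEMO_FINGERPRINT = bytes(range(0x10, 0x24))

def _subpacket(t, b): return bytes([len(b) + 1, t]) + b

def build_demo_signature() -> bytes:
    """v4 binary-document signature, EdDSA (22) over SHA-256 (8), placeholder 8-bit MPIs."""
    hashed = _subpacket(SUB_ISSUER_FINGERPRINT, b"\x04" + DEMO_FINGERPRINT)
    unhashed = _subpacket(SUB_ISSUER_KEY_ID, DEMO_FINGERPRINT[-8:])
    mpi = struct.pack(">H", 8) + b"\xab"
    body = (bytes([4, 0x00, 22, 8]) + struct.pack(">H", len(hashed)) + hashed
            + struct.pack(">H", len(unhashed)) + unhashed + b"\xde\xad" + mpi + mpi)
    return bytes([0xC0 | SIGNATURE_PACKET, len(body)]) + body
```

Point `signature_issuer` at a real detached `.asc` and it reports the fingerprint (or, for signatures from older gpg versions that only carry the issuer subpacket, the 64-bit key ID) of the key that claims to have signed; that is the value to compare with /pgp/ and a second source, not the name printed in the "Good signature from" line, which is just a user ID string attached to the key. A CRC-24 mismatch tells you the armor was altered or corrupted before gpg ever looked at it.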

How does PGP differ from TLS?

TLS authenticates a server during a live connection and encrypts the wire between two endpoints — it is privacy for the connection only, and it vanishes once the connection closes. PGP authenticates the human or organisation behind a piece of data and encrypts that data so it stays encrypted on disk, in email, in a backup tape, forever. TLS protects the conversation; PGP protects the document.

How do I verify a NordBastion PGP signature?

Import the signing key from /pgp/ into your local GnuPG keyring (`gpg --import nordbastion.asc`), check the fingerprint against the one published on the site and ideally against an out-of-band copy (Tor mirror, social-media post), then run `gpg --verify` on the `.asc` file with the signed document next to it. A "Good signature from..." line means the document is intact and was signed by the holder of the corresponding private key. Until you have checked the fingerprint yourself, gpg will also print a warning that the key is not certified with a trusted signature; that warning is about whether you trust the key, not about whether the document is intact, and the fingerprint check is what answers it.
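The same procedure as a script, added here as an example rather than NordBastion's own tooling. It rehearses the import, the fingerprint cross-check against two sources (the inconvenient part described under "Why it matters") and `gpg --verify` against a throwaway key in a temporary keyring, reads the signer's fingerprint from gpg's machine-readable status output instead of trusting the human-readable "Good signature" line, and confirms that changing a single byte of the document makes the signature fail. The user ID, the canary text and the second "mirror" copy of the fingerprint are constructed for the demo; with a real release you would feed it the key from /pgp/ and the fingerprints copied from the site and the Tor mirror.

```shell
#!/bin/sh
# Added example, not NordBastion tooling: the FAQ's verify steps run end to end against a
# throwaway key in a temporary keyring, so the whole flow can be rehearsed offline.

# Normalise a fingerprint the way people paste it (spaces, lower case, 0x prefix) so copies
# taken from different sources compare character for character.
normalize_fpr() {
    printf '%s' "$1" | tr -d ' \t\n' | sed 's/^0[xX]//' | tr 'a-f' 'A-F'
}

# Succeeds only if the signer's fingerprint matches every independently obtained copy and
# at least two copies were supplied; one disagreeing source is a failure, not a tie-break.
fingerprint_confirmed() {
    want=$(normalize_fpr "$1"); shift
    [ "$#" -ge 2 ] || return 1
    for copy in "$@"; do
        [ "$(normalize_fpr "$copy")" = "$want" ] || return 1
    done
    return 0
}

# Fingerprint of the key that produced a detached signature, taken from gpg's status
# lines (VALIDSIG); prints nothing and fails when the signature does not verify.
signer_fingerprint() {  # $1 = detached .asc, $2 = the signed document
    gpg --batch --status-fd 1 --verify "$1" "$2" 2>/dev/null |
        awk '$2 == "VALIDSIG" { print $3; found = 1 } END { exit !found }'
}

verify_demo() {
    GNUPGHOME=$(mktemp -d) || return 2
    export GNUPGHOME
    chmod 700 "$GNUPGHOME"
    # 1. A throwaway signing key stands in for the one published on /pgp/ (demo user ID).
    gpg --batch --quiet --pinentry-mode loopback --passphrase '' \
        --quick-generate-key 'Demo Signer <demo@example.invalid>' ed25519 sign never \
        2>/dev/null || return 2
    published=$(gpg --batch --with-colons --list-keys | awk -F: '$1 == "fpr" { print $10; exit }')
    # 2. Export and re-import the public key: the same path as `gpg --import nordbastion.asc`.
    gpg --batch --armor --export demo@example.invalid > "$GNUPGHOME/demo.asc"
    gpg --batch --quiet --import "$GNUPGHOME/demo.asc" 2>/dev/null || return 2
    # 3. Produce a detached, armored signature: the .asc that ships next to a release.
    printf 'canary: all clear\n' > "$GNUPGHOME/canary.txt"
    gpg --batch --quiet --armor --detach-sign --output "$GNUPGHOME/canary.txt.asc" \
        "$GNUPGHOME/canary.txt" 2>/dev/null || return 2
    # 4. Verify, then check the signer against two copies of the fingerprint: the site's copy
    #    and a lower-cased, space-grouped "mirror" copy, constructed here from the same value.
    signer=$(signer_fingerprint "$GNUPGHOME/canary.txt.asc" "$GNUPGHOME/canary.txt") || return 1
    mirror_copy=$(printf '%s' "$published" | tr 'A-F' 'a-f' | sed 's/..../& /g')
    fingerprint_confirmed "$signer" "$published" "$mirror_copy" || return 1
    # 5. A single changed byte in the document must make the same signature fail.
    printf 'canary: all clear!\n' > "$GNUPGHOME/canary.txt"
    if signer_fingerprint "$GNUPGHOME/canary.txt.asc" "$GNUPGHOME/canary.txt" >/dev/null; then
        return 1
    fi
    gpgconf --kill all 2>/dev/null
    rm -rf "$GNUPGHOME"
    unset GNUPGHOME
    return 0
}
```

`fingerprint_confirmed` fails on a single disagreeing source on purpose: a site copy and a mirror copy that differ is exactly the situation the cross-check exists to surface, not noise to average away. Scripts should read the `--status-fd` lines rather than the prose output, which is localised and changes wording between GnuPG versions.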