2

When managing encryption keys in Ubuntu, I created a GPG key through the CLI with gpg --gen-key. Ubuntu provides a nice little GUI for managing keys called "Passwords and Keys". It however lists keys as PGP keys instead of GPG keys, under the GnuPG keys menu option as shown below:

enter image description here

I have come to understand that GPG is not the same as PGP, but a completely rewritten piece of software that adheres to the OpenPGP standard that PGP also adheres to. So why does Ubuntu use the term PGP instead of GPG? Also, when using the the seahorse-nautilus package to encrypt files from within nautilus, my files come out with the .pgp extension rather than .gpg.

Community
  • 1
Programster
  • 5,731
  • 20
  • 63
  • 92
  • possible duplicate of [Difference between PGP and GPG](http://askubuntu.com/questions/186805/difference-between-pgp-and-gpg) – Charles Green Dec 21 '14 at 15:25
  • For the same reason I'd refer to a Java program as a Java program and not an OpenJDK program or an Oracle Java program or a Dalvik program. – muru Dec 21 '14 at 15:38
  • @CharlesGreen I'm asking why Ubuntu uses the term PGP instead of GPG not "what is the difference between PGP and GPG". I even specifically referenced that post in my argument that the two are clearly different, hence, why do we still use the term PGP and not "GPG Keys" or "OpenPGP Keys". As it currently is, it's like referring to an "Oracle Java program" rather than a Java program which would be referring to them as OpenPGP keys, since OpenPGP is the standard/interface, not the application. – Programster Dec 21 '14 at 16:42
  • I think it would be like referring to your webbrowser as 'html' rather than 'Firefox' - the PGP standard defines the keys, protocols, and files while GPG is the program set used to manipulate them. – Charles Green Dec 21 '14 at 17:03
  • No, OpenPGP is the standard defines the keys, protocols and files, not PGP. GPG and PGP are both programs used to implement them, of which Ubuntu doesn't even use PGP, it uses GPG instead. – Programster Dec 21 '14 at 17:07

1 Answers1

2

Inconsistent Naming for Historical Reasons

This will very likely have historical reasons. In the beginning, there was only PGP, which was (for reasons of export restrictions) somewhat open sourced. Some time later, there has been an initiative to write down specifications, released as OpenPGP, and the Gnu Privacy Guard GnuPG was developed on that base.

Having the roots in PGP, lots of early PGP adaptors (having used PGP long before GnuPG was started) still use the term "PGP" referring to both usage and keys; not adapting the changed naming of implementation and underlying standard.

Let's do Something About it

Especially in the free software world, one should put special attention on making a distinction between standards, implementations (and even more, non-free implementations); aside from PGP actually being a reserved trademark, probably without being licensed in this case. I created a bug report requesting more consistent naming in Seahorse.

Jens Erat
  • 4,993
  • 7
  • 31
  • 37
  • PGP being a registered (?) trademark is not worth much if they don't defend it. – muru Dec 21 '14 at 18:29
  • [Symantec lists PGP as registered trademark](http://www.symantec.com/about/profile/policies/trademarks/currentlist.jsp). Nobody caring now does not mean nobody caring later, PGP has a [history of being sold](http://en.wikipedia.org/wiki/Pretty_Good_Privacy#Network_Associates_acquisition) to other companies. – Jens Erat Dec 21 '14 at 18:33
  • If they don't care now, it doesn't matter if they start caring later. Trademark rights are lost if left unenforced. – muru Dec 21 '14 at 18:38
  • Couldn't agree more with: `Especially in the free software world, one should put special attention on making a distinction between standards, implementations (and even more, non-free implementations)`. Also great that you filed a bug report. – Programster Dec 21 '14 at 19:33