// glossary / openpgp-v6

OpenPGP v6 (RFC 9580).

The 2024 refresh of the OpenPGP standard. v6 keeps everything portable about OpenPGP while modernizing the parts that had aged — fingerprints, authenticated encryption, curve representation, and passphrase protection. PGPony generates and uses v6 keys, and still fully supports the classic v4 format for maximum compatibility.

// definition

OpenPGP v6 is the key and message format specified by RFC 9580, published in 2024 as the successor to RFC 4880 (v4). It defines a new key version, a new encrypted-message packet (SEIPDv2), and updated defaults for hashing, curves, and string-to-key handling.

What changed from v4.

Stronger fingerprints. v6 fingerprints use SHA-256. v4 fingerprints used SHA-1; v6 removes that dependency. v6 key IDs are the leading bytes of the SHA-256 fingerprint.
Authenticated encryption. v6's SEIPDv2 packet uses modern AEAD (OCB), which cryptographically detects any tampering — a cleaner, stronger guarantee than v4's bolt-on MDC integrity check.
Modern curves, natively. Ed25519 for signing and X25519 for encryption are represented natively, without the legacy OID wrapping v4 required.
Memory-hard passphrases. v6 supports Argon2 for protecting secret keys — far more resistant to brute force than older key-stretching.

Why it matters.

v6 is the difference between "PGP, the old standard" and "PGP, brought up to modern cryptographic practice." If you're generating a fresh key today and your correspondents use RFC 9580-capable tools (such as Sequoia), v6 gives you the strongest, cleanest guarantees.

The one caveat is reach: not every tool has adopted RFC 9580 yet. In particular, current GnuPG does not implement v6. If you need to exchange keys and messages with GnuPG users today, the classic v4 format remains the compatible choice — which is why PGPony lets you pick the format per key.

// sq inspect of a v6 key

Fingerprint: 64 hex characters (SHA-256) Primary: Ed25519 [certification] Subkey: X25519 [encryption: transport + at-rest] Subkey: Ed25519 [signing]

A v6 key is a certification-only Ed25519 primary with an X25519 encryption subkey and an Ed25519 signing subkey — the structure PGPony produces and verifies against Sequoia.

// in PGPony The Generate Key screen offers a v6 / v4 picker. Choose v6 for modern, Sequoia-class crypto; choose v4 when you need GnuPG compatibility. Key details show whether a key is "OpenPGP v6 · RFC 9580" or "v4 · RFC 4880," along with what each part can do.

Related terms

Get PGPony

Free OpenPGP encryption for iOS and Android. No accounts, no tracking.

Download on the App Store Get it on Google Play