{
  "draft": "draft-ietf-openpgp-pqc",
  "doc_id": "RFC9980",
  "title": "Post-Quantum Cryptography in OpenPGP",
  "authors": [
    "S. Kousidis",
    "J. Roth",
    "F. Strenzke",
    "A. Wussler"
  ],
  "format": [
    "XML",
    "TEXT",
    "HTML",
    "PDF"
  ],
  "page_count": "222",
  "pub_status": "PROPOSED STANDARD",
  "status": "PROPOSED STANDARD",
  "source": "openpgp",
  "abstract": "This document defines a post-quantum public key algorithm extension for the OpenPGP protocol, extending RFC 9580. Given the generally assumed threat of a cryptographically relevant quantum computer, this extension provides a basis for long-term secure OpenPGP signatures and ciphertexts. Specifically, it defines composite public key encryption based on ML-KEM (formerly CRYSTALS-Kyber), composite public key signatures based on ML-DSA (formerly CRYSTALS-Dilithium), both in combination with Elliptic Curve Cryptography (ECC), and SLH-DSA (formerly SPHINCS+) as a standalone public key signature scheme.",
  "pub_date": "June 2026",
  "keywords": [
    "pgp",
    "pqc",
    "encryption",
    "digital signature",
    "post-quantum"
  ],
  "obsoletes": [],
  "obsoleted_by": [],
  "updates": [],
  "updated_by": [],
  "see_also": [],
  "doi": "10.17487/RFC9980",
  "errata_url": null
}