Signed sealed & delivered

German government IT experts add OpenPGP to LibreOffice

Published on: 20/10/2017
Last update: 27/10/2017

Users of a recent version of LibreOffice (5.4.0 and up) on Linux workstations can now use OpenPGP to sign their documents, thanks to the 'Bundesamt für Sicherheit in der Informationstechnik' (BSI, the German Federal Office for Information Security). Support for encryption will be included in LibreOffice 6, expected early next year.

That version will also see OpenPGP support in LibreOffice running on Windows PCs, iOS and Android devices.

In August last year the BSI, part of Germany’s Ministry of the Interior, decided to fund support for the OpenPGP IETF encryption standard in LibreOffice, because of its free, public and non-hierarchical system of public and private encryption keys. Public keys can be easily distributed, allowing others to encrypt content for the owner of that key. In addition, OpenGPG makes it easy to verify that signed content is actually from the key-owner. A public key can also be signed by others, letting them vouch for its validity.

The BSI/CIB roadmap for OpenPGP in LibreOffice

OpenPGP’s inclusive use case sets it apart from other eSignature and encryption standards already supported by LibreOffice, such as XAdES, one of the European eIDAS eSignature regulation standards, and X509. These rely on security certificates that are centrally managed, an approach that is more suited to companies and public services.

“The BSI wants to put encryption and signing at users’ fingertips,” says Thorsten Behrens, IT-Lead LibreOffice at CIB Labs, an IT service provider based in Hamburg (Germany) that was contracted by the BSI. “OpenPGP is free, ubiquitous, stable, reliable, cross-platform, and comes with tons of features.”

Behrens talked about support for OpenPGP at the LibreOffice conference in Rome last week.

More information:

Procurement request by the BSI/Ministry of the Interior
Blog by Thorsten Behrens
LibreOffice 2017 conference site