In Linux file name extensions are irrelevant, but on a Windows system, many GPG users use GUI applications rather than the command line. They may want to be able to double click on an encrypted file, key, or signature and open it with their GPG client.

Some extensions I have seen used a lot are .gpg, .gpg-key, .asc, .sig (plus the very verbose but self-explanatory .gpg-revocation-certificate), but I can't find any sort of pattern or "standard" on which extensions are recommended in which cases.

Is there a standard (or at least a common practice) for the following types of files used by GPG (or OpenPGP-based systems)?

• Exported keys
• Encrypted files
• Signatures (which includes signed files, clearsigned files, and detached signatures)
• Revocation certificates

In addition, for most of these, I would assume the file extension will differ depending on if the output is a binary or an ASCII armored file.

2

1 Answer

Normally, .sig is used for detached signatures using the binary OpenPGP format, and .asc for when the contents are ASCII-armored.

For everything else, .gpg is common for the binary format, .asc when armored.

1

Your Answer

Sign up or log in

Sign up using Google Sign up using Facebook Sign up using Email and Password Submit

Post as a guest

Post Your Answer Discard

By clicking “Post Your Answer”, you agree to our terms of service, privacy policy and cookie policy