Secure and Robust

Sequoia focuses on security and robustness in our choice of tools, our development methodology, and feature set.

Read more.

Easy to Use

A library is only as good as its integration in downstream projects. As such, we made ease of use one of our main goals.

Read more.

Holistic Approach

Improving the security of OpenPGP users requires more than a new implementation. Therefore, we are taking a holistic approach and are improving the ecosystem.

Read more.



Sequoia: Super Powering End-to-End Email Encryption in Mozilla Thunderbird

By Justus and Neal on April 8, 2021

We are thrilled to release the first version of the Octopus, an alternate OpenPGP backend for Thunderbird built on top of Sequoia.

The Octopus is a drop-in replacement for RNP, the OpenPGP library shipped with Thunderbird 78. In addition to providing all of the RNP functionality that Thunderbird uses, the Octopus also includes a number of enhancements. These fall into several categories. The Octopus restores some functionality that was present in Enigmail, but removed or has not yet been reimplemented in Thunderbird’s OpenPGP integration. In particular, the Octopus uses GnuPG’s keystore, interacts with gpg-agent, integrates GnuPG’s web of trust information, and updates certificates in the background. The Octopus includes a number of security fixes and improvements. For instance, it fixes Thunderbird’s insecure message composition, and automatically encrypts in-memory secret key material at rest. The Octopus adds a few performance improvements, such as, parsing the keyring in the background and using multiple threads. And, the Octopus has better support for parsing less usual, but not necessarily esoteric, certificates and keys.

Continue reading

Talk about OpenPGP interop testing at the IETF 110

By Justus on March 16, 2021

I gave a talk at the IETF 110 about the OpenPGP Interoperability Test Suite. Slides and recording are available. The talk introduces the OpenPGP Interoperability Test Suite, describes its benefits, how it works, how to read the test results, talks briefly about results, and how to join the effort, improve the test suite, and how to run it. Enjoy!

Continue reading


Do you want to see more?

There are a number of projects under the Sequoia umbrella.