openpgp4fpr URI scheme

This document describes the IANA-registered URI scheme used to identify OpenPGP version 4 public keys.

Syntax

openpgp4fpr:<fingerprint>

Where fingerprint is exactly 40 hexadecimal characters: the digits 0-9 and the letters A, B, C, D, E, F in upper or lower case.

Formal definition using Augmented Backus-Naur Form:

openpgp4fpr-uri = "openpgp4fpr:" fingerprint
fingerprint     = 40*40HEXDIG

Example:

openpgp4fpr:653909A2F0E37C106F5FAF546C8857E0D8E8F074

The uppercase hexadecimal digits ‘A’ through ‘F’ are equivalent to the lowercase digits ‘a’ through ‘f’, respectively. If two URIs differ only in the case of the hexadecimal digits used in the scheme-specific part, they are equivalent.

Semantics

URIs in the openpgp4fpr scheme identify an OpenPGP key by its master key fingerprint.

Applications that use this scheme may look up the key data with that fingerprint using implementation-defined methods (e.g. keyserver lookup using the HTTP Keyserver Protocol).

Encoding considerations

As the fingerprint contains only characters in the unreserved set, there is no need to encode the scheme-specific part of the URI.

Interoperability considerations

Unknown, use with care.

Security considerations

Unknown, use with care.

History

Applications

Protocol handler in browsers

For supported browsers it is possible to install a handler that will look up the key on the keyserver.

After adding the protocol handler, this link will search for the key by fingerprint: openpgp4fpr:653909A2F0E37C106F5FAF546C8857E0D8E8F074

QR-encoded URI

OpenKeychain can read openpgp4fpr URIs encoded as QR barcodes. When such a URI is scanned, the application will use the fingerprint to search for the key on the defined keyservers.

It is advisable to use all uppercase in the URI so that the QR code can be efficiently encoded.

Example QR-encoded fingerprint that can be scanned by OpenKeychain:

QR-encoded vCard

OpenKeychain also supports scanning fingerprints from QR-encoded vCards. The fingerprint is put as an openpgp4fpr URI inside the KEY field of the vCard.

Example vCard:

BEGIN:VCARD
FN:Linus Torvalds
EMAIL:torvalds.at.kernel.org
KEY:OPENPGP4FPR:ABAF11C65A2970B130ABE3C479BE3E4300411886
END:VCARD

Encoded as a QR-code:

When this code is scanned by a regular scanner, it will add a contact to the address book. Scanning this code with OpenKeychain’s built-in QR scanner will look up the key by fingerprint on the default keyservers.
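
A consumer of these URIs should validate them strictly before passing the fingerprint to any key lookup. The following is an added example, not code from OpenKeychain or from this page: it parses the syntax defined above, applies the case-equivalence rule, and extracts fingerprints from vCard KEY fields. All function names are hypothetical, and the handling of vCard parameters (text after ";" in the field name) is an assumption.

```python
import re

# Scheme names are case-insensitive (RFC 3986); the fingerprint is exactly 40 HEXDIG.
# An explicit ASCII class is used because \d would also accept non-ASCII digits.
_URI_RE = re.compile(r"openpgp4fpr:([0-9A-F]{40})", re.IGNORECASE | re.ASCII)

def parse_openpgp4fpr(uri):
    """Return the fingerprint in canonical upper case, or raise ValueError."""
    # fullmatch (unlike match with "$") rejects a trailing newline or extra text
    m = _URI_RE.fullmatch(uri)
    if m is None:
        raise ValueError("not a valid openpgp4fpr URI")
    return m.group(1).upper()

def canonical_uri(uri):
    """All-uppercase form, as advised above for QR encoding."""
    return "OPENPGP4FPR:" + parse_openpgp4fpr(uri)

def equivalent(a, b):
    """URIs that differ only in hex-digit case identify the same key."""
    return parse_openpgp4fpr(a) == parse_openpgp4fpr(b)

def fingerprints_from_vcard(vcard):
    """Collect fingerprints from KEY fields; malformed KEY values are skipped."""
    found = []
    for line in vcard.splitlines():
        name, sep, value = line.partition(":")
        # Assumption: drop any vCard parameters, e.g. "KEY;TYPE=PGP"
        if sep and name.split(";")[0].strip().upper() == "KEY":
            try:
                found.append(parse_openpgp4fpr(value.strip()))
            except ValueError:
                continue
    return found

# The vCard shown on this page, used as sample input
SAMPLE_VCARD = """BEGIN:VCARD
FN:Linus Torvalds
EMAIL:torvalds.at.kernel.org
KEY:OPENPGP4FPR:ABAF11C65A2970B130ABE3C479BE3E4300411886
END:VCARD"""

if __name__ == "__main__":
    print(fingerprints_from_vcard(SAMPLE_VCARD))
    print(canonical_uri("openpgp4fpr:653909a2f0e37c106f5faf546c8857e0d8e8f074"))
```

Compare fingerprints only after parsing, so that a string with the right prefix but a wrong length or stray characters never reaches the keyserver query.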

NFC

OpenKeychain also supports reading key fingerprints using the openpgp4fpr scheme from regular NFC tags. When a tag containing an openpgp4fpr URI is encountered, OpenKeychain will be launched and will look for that key on the default keyservers.
