[CleanNet Spam:] Re: "decryption forced to fail" due to missing signature?
Werner Koch
wk at gnupg.org
Wed Jan 24 08:47:28 CET 2018
On Tue, 23 Jan 2018 16:28, Alexander.Strobel at giepa.de said:
> But this does not solve the inconsistency in "showing an error and still
> return decrypted data" I see when MDC is missing. Maybe someone can
As a Unix tool gpg streams the data and does not buffer it. Thus at
the time it detects a mad MDC it is too late to remove the already
written data. Of course it could simply reject all non-MDC data packets
but that would make debugging harder and someone else would complain
why data is written despite that the signature is broken - in that case
there is no way for gpg to detects this beforehand.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20180124/e8f04d85/attachment.sig>
More information about the Gnupg-devel
mailing list