Feature suggestion: options to require MDC or trusted signature on decryption

Francois Grieu fgrieu at gmail.com
Thu May 24 10:53:27 CEST 2018


In the wake of efail ( https://efail.de/ ), I think it could be useful to add 
options to gpg (the command-line tool) that

[1] cause gpg to supress any deciphered output that is not integrity-protected 
by at least one of MDC or trusted signature; I do realize this requires 
buffering when using gpg as a pipe.

[2] cause gpg to exit with non-zero status whenever an input was deciphered 
(output or not) and was not integrity-protected as above.

Any thoughts (like: some of that exists, and I missed it) ?

    Francois Grieu



More information about the Gnupg-devel mailing list