Feature suggestion: options to require MDC or trusted signature on decryption

Holger Smolinski via [gnupg-devel] gpg-devel at nopicturesplease.de
Thu May 31 16:04:58 CEST 2018

Am 31.05.2018 um 13:28 schrieb Werner Koch:
> On Tue, 29 May 2018 08:14, patrick at enigmail.net said:
>> Enigmail fails with this since about two weeks, also for older versions
>> of GnuPG. I had a number of bug reports/support requests since then, but
>> overall it was less than I feared. Some people still have very old keys.
> Good.  Today I pushed changes for 2.2.8 which will now always require
> the MDC and which will print a hint in case an old cipher algorithm is
> the cause for the missing MDC:

Thanks all, I had similar issues with enigmail using new GPG keys - my
peer has been using OpenPGP and eingmail recently refused to decrypt the
message for the reason of missing MDC protection, regardless of whether
using --ignore-mdc-errors or not.

As my personal workaround I have disabled the check in enigmail, but now
I will check these fixes.


More information about the Gnupg-devel mailing list