MDC Confusion
Stewart V. Wright
svwright+lists@amtp.liv.ac.uk
Fri May 23 09:04:03 2003
Hi,
I am having some confusion with modification detection code (MDC).
I'm using the 1.2.3-cvs version (from the 7th of May) of GnuPG.
I just changed my gpg.conf file and changed from
no-force-v3-sigs
to
openpgp
Which should make my signatures/encryptions entirely OpenPGP
compatible.
Unfortunately when I decrypt anything I get the following warning:
gpg: WARNING: message was not integrity protected
I don't get the warning when I go back to no-force-v3-sigs.
This isn't an issue with my key (AFAIK) as I generated (another) test
key which has the following preferences:
Command> showpref
pub 1024D/6DA6A7C3 created: 2003-05-20 expires: never trust: u/u
(1). Test Key
Cipher: AES256, AES192, AES, CAST5, 3DES
Digest: SHA1, RIPEMD160
Compression: ZLIB, ZIP, Uncompressed
Features: MDC
The command I used for my testing was:
gpg --armor -u 6DA6A7C3 --sign --output msg1.asc --encrypt -r 6DA6A7C3 msg
(i.e. sign and encrypt to self...)
My gpg.conf is
***********************************************************
#no-force-v3-sigs
openpgp
keyserver x-hkp://wwwkeys.eu.pgp.net
keyserver-options honor-http-proxy
no-secmem-warning
set-policy-url http://www.liv.ac.uk/~svwright/security/gpg-policy.html
show-policy-url
***********************************************************
Any ideas???
Cheers,
S.