vedaal at vedaal at
Tue Mar 15 23:51:42 CET 2011

David Shaw dshaw at wrot on
Tue Mar 15 22:28:23 CET 2011 :

>I'm not quite sure what you mean.  
>The MDC can be used on any OpenPGP cipher, no matter what the 

but it's done by gnupg by default for 256 bit ciphers, while it 
needs the option of '--force-mdc' for non-256 bit ciphers.

When this option isn't used, MDC is not done, and when gnupg 
decrypts the message, it gives an alert of:

gpg: WARNING: message was not integrity protected

My suggestion is to have gnupg do the MDC by default for all 
ciphers sizes.
(makes it easier for beginners who might get a little concerned 
about the above alert message ;-)  )


More information about the Gnupg-users mailing list