Efail or OpenPGP is safer than S/MIME
andrewg at andrewg.com
Mon May 14 11:30:18 CEST 2018
On 14/05/18 10:15, Robert J. Hansen wrote:
>> I see that MDC is the default for all modern ciphers, but does that imply
>> that MDC *checking* is the default?
> MDC is an attribute of the packet, not the cipher. By default, all
> ciphers in the GnuPG suite use MDC.
OK, but from Werner's link earlier:
> We hesitate to require the MDC also for old algorithms (3DES, CAST5>
> because a lot of data has been encrypted using them in the first
> years of OpenPGP.
So if someone sends me a 3DES-encrypted mail it won't check the MDC?
Doesn't gpg still support reading 3DES?
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 862 bytes
Desc: OpenPGP digital signature
More information about the Gnupg-users