Efail or OpenPGP is safer than S/MIME

Andrew Gallagher andrewg at andrewg.com
Mon May 14 13:49:57 CEST 2018

On 14/05/18 12:25, Robert J. Hansen wrote:
> The problem is that gpg doesn't say anything. I would expect a
> DECRYPTION_FAILED message here:

So perhaps the solution is to throw a big warning and prompt when an
integrity check failure is thrown by gnupg? That would mitigate the
current issue, but allow for reading pre-MDC emails as per Werner's
earlier link.

The problem here is that an integrity failure is a serious error when it
occurs in a context where oracle behaviour is possible (such as email),
but it's much less serious when used outside that context. Just because
gnupg says it's only a warning-level offence doesn't mean enigmail
should agree...

Andrew Gallagher

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 862 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20180514/3192a496/attachment.sig>

More information about the Gnupg-users mailing list