Efail or OpenPGP is safer than S/MIME
andrewg at andrewg.com
Mon May 14 22:09:45 CEST 2018
> On 14 May 2018, at 18:57, Lars Noodén <lars.nooden at gmail.com> wrote:
> How feasible would it be to strip or disable encryption in a fork of an
> old version and just leave it capable of decryption?
I’m sure it’s feasible, but it doesn’t address this issue or any other kind of oracle, replay or chosen-text attack. If today has taught us anything, surely it is that flaws in decryption are just as dangerous as flaws in encryption.
More information about the Gnupg-users