efail -> improvements (was: Efail or OpenPGP is safer than S/MIME)
bernhard at intevation.de
Tue May 15 08:52:45 CEST 2018
.. to only display contents if there was integrity protection by either
> a) MDC
> b) AEAD
> c) a signature over the whole contents from someone where it has been
> encrypted to (if this is feasable to detect).
if users or frontends still want to show contents, to me it seems good if
* there is a very explicit disable-safety-button
* ideally working only for one encryption, so it has been issued explicitely
* a warning against active content which may become active much later
* an attempt to prevent active backchannels as much as possible
(e.g. by only showing plain text and saving as plain-text suffix)
would need to be put in the documentation so GnuPG frontends know.
www.intevation.de/~bernhard +49 541 33 508 3-3
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 488 bytes
Desc: This is a digitally signed message part.
More information about the Gnupg-users