Efail or OpenPGP is safer than S/MIME

Mirimir mirimir at riseup.net
Thu May 17 01:06:10 CEST 2018

On 05/16/2018 05:48 AM, Werner Koch wrote:
> On Tue, 15 May 2018 11:56, andrewg at andrewg.com said:
>> We should also be very careful to note that none of this discussion
>> thread applies to the MIME concatenation vulnerability, which is a
>> problem in Thunderbird and other mail clients, and which cannot be
> While we are at that point.  Can we get a definive answer whether TB
> loads external content by default, that is honors the href, erc, etc.
> attributes?  Form the screenshot I have seen, it says it won't do that.
> But I am not sure what is the default.

By default, Thunderbird displays full HTML. But it doesn't load external
content, such as embedded images. I checked in an Ubuntu LiveCD.

> I hesitate to achieve HTML-mail expert status (see my X-message-flag
> header).
> Salam-Shalom,
>    Werner

More information about the Gnupg-users mailing list