Efail or OpenPGP is safer than S/MIME

Lukas Pitschl | GPGTools lukele at gpgtools.org
Thu May 17 11:21:06 CEST 2018

> Am 17.05.2018 um 10:07 schrieb Werner Koch <wk at gnupg.org>:
> On Thu, 17 May 2018 08:59, patrick at enigmail.net said:
>> Within 12 hours after the release I got 5 bug reports/support requests
> Kudos to Enigmail for acting as our guinea pig.  I implemented the same
> thing in GPGME this morning (see my mail to enigmail users).

During the implementation of our MDC fix, we came across two STATUS
messages which are not documented in doc/DETAILS which are:


Is there any particular reason why these have not been added to

If we check for DECRYPTION_INFO 0 X (0 being NO MDC) and the
BADMDC status line (in addition to DECRYPTION_FAILED), can we
safely assume that all known cases of no MDC or modified MDC are
covered (even for CAST5, which at the moment issues DECRYPTION_OKAY)?



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 268 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20180517/31345997/attachment.sig>

More information about the Gnupg-users mailing list