On 22/05/18 10:44, Fiedler Roman wrote: > Such a tool might then e.g. be used on a MitM message reencryption > gateway: the old machines still send messages with old > (deprecated/legacy options), they are transformed by "gpg-archive": > The full data (old message, old decrypt report, reencrypted > plaintext) go to the auditing storages, the reencrypted plaintext to > the standard (before MitM) receiver (who does not need to support > legacy/deprecated from now on anymore).
I don't think we should be encouraging the automated or transparent use of legacy crypto upgrades, particularly in an online setting such as a mail gateway. All this does is launder the obviously-dangerous bad ciphertext into an apparently-safe new ciphertext. -- Andrew Gallagher
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users