The branch OpenSSL_1_0_1-stable has been updated
via 19fca4cafc4eafa3fe3562074aab4352bd421eff (commit)
from 5802758eb480c5f14a768f6a061df1dd20aec8c4 (commit)
- Log -----------------------------------------------------------------
commit 19fca4cafc4eafa3fe3562074aab4352bd421eff
Author: Rich Salz <[email protected]>
Date: Sat Aug 13 10:47:50 2016 -0400
RT3940: For now, just document the issue.
Reviewed-by: Richard Levitte <[email protected]>
(cherry picked from commit 2a9afa4046592d44af84644cd89fe1a0d6d46889)
-----------------------------------------------------------------------
Summary of changes:
doc/apps/cms.pod | 3 +++
doc/apps/smime.pod | 3 +++
2 files changed, 6 insertions(+)
diff --git a/doc/apps/cms.pod b/doc/apps/cms.pod
index 9a24082..25b19d5 100644
--- a/doc/apps/cms.pod
+++ b/doc/apps/cms.pod
@@ -85,6 +85,9 @@ encrypt mail for the given recipient certificates. Input file
is the message
to be encrypted. The output file is the encrypted mail in MIME format. The
actual CMS type is <B>EnvelopedData<B>.
+Note that no revocation check is done for the recipient cert, so if that
+key has been compromised, others may be able to decrypt the text.
+
=item B<-decrypt>
decrypt mail using the supplied certificate and private key. Expects an
diff --git a/doc/apps/smime.pod b/doc/apps/smime.pod
index 94a8823..acc38be 100644
--- a/doc/apps/smime.pod
+++ b/doc/apps/smime.pod
@@ -53,6 +53,9 @@ The meaning of the other options varies according to the
operation type.
encrypt mail for the given recipient certificates. Input file is the message
to be encrypted. The output file is the encrypted mail in MIME format.
+Note that no revocation check is done for the recipient cert, so if that
+key has been compromised, others may be able to decrypt the text.
+
=item B<-decrypt>
decrypt mail using the supplied certificate and private key. Expects an
_____
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
