Re: AW: AW: AW: AW: Efail or OpenPGP is safer than S/MIME

On Thu, 17 May 2018 13:11, roman.fied...@ait.ac.at said: > How could that work together with the memory based "wipe" approach, you > envisioned in your message > https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060379.html , last > paragraph? Tha is a different layer. Basically a part

AW: Efail or OpenPGP is safer than S/MIME

> Von: Gnupg-users [mailto:gnupg-users-boun...@gnupg.org] Im Auftrag von > > On 17 May 2018, at 11:50, Patrick Brunschwig > wrote: > > > >> On 17.05.18 10:07, Werner Koch wrote: > >> On Thu, 17 May 2018 08:59, patr...@enigmail.net said: > >> > >>> Within 12 hours after the

AW: AW: AW: AW: Efail or OpenPGP is safer than S/MIME

> Von: Werner Koch [mailto:w...@gnupg.org] > > On Wed, 16 May 2018 16:24, roman.fied...@ait.ac.at said: > > > In my opinion it is hard to find such a "one size fits all" > > solution. Like Werner's example: disabling decryption streaming > > The goal of the MDC is to assure that the message has

Re: AW: AW: AW: Efail or OpenPGP is safer than S/MIME

On Wed, 16 May 2018 16:24, roman.fied...@ait.ac.at said: > In my opinion it is hard to find such a "one size fits all" > solution. Like Werner's example: disabling decryption streaming The goal of the MDC is to assure that the message has been received exactly as the sender set it. Thus there

AW: AW: AW: Efail or OpenPGP is safer than S/MIME

> Von: Andrew Gallagher [mailto:andr...@andrewg.com] > > > On 16 May 2018, at 13:44, Fiedler Roman > wrote: > > > > I am not sure, if gpg could support > > implementation/testing/life-cycle-efforts > to establish all those parameters and different process models for most

Re: AW: AW: Efail or OpenPGP is safer than S/MIME

> I’m going to preemptively quote RJH here before he gets around to it. Use the > defaults! ;-) :) ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: AW: AW: Efail or OpenPGP is safer than S/MIME

> On 16 May 2018, at 13:44, Fiedler Roman wrote: > > I am not sure, if gpg could support implementation/testing/life-cycle-efforts > to establish all those parameters and different process models for most of > the decryption processes gpg users envision to use gpg

AW: AW: Efail or OpenPGP is safer than S/MIME

> Von: Werner Koch [mailto:w...@gnupg.org] > > On Tue, 15 May 2018 11:44, roman.fied...@ait.ac.at said: > > > The status line format should be designed to support those variants to > > allow a "logical consistency check" of the communication with GnuPG > > There is a > > DECRYPTION_FAILED > > and

Re: AW: Efail or OpenPGP is safer than S/MIME

On Tue, 15 May 2018 11:44, roman.fied...@ait.ac.at said: > The status line format should be designed to support those variants to > allow a "logical consistency check" of the communication with GnuPG There is a DECRYPTION_FAILED and that is all what it takes. If the integrity check fails

AW: Efail or OpenPGP is safer than S/MIME

> Von: MFPA [mailto:2017-r3sgs86x8e-lists-gro...@riseup.net] > > Hi > > On Monday 14 May 2018 at 1:33:03 PM, in > local>, > Fiedler Roman wrote:- > > > This would also prevent many other programming > > errors: e.g. if gpg > > claims

AW: Efail or OpenPGP is safer than S/MIME

> Von: Gnupg-users [mailto:gnupg-users-boun...@gnupg.org] Im Auftrag von > > On 14/05/18 12:25, Robert J. Hansen wrote: > > The problem is that gpg doesn't say anything. I would expect a > > DECRYPTION_FAILED message here: > > So perhaps the solution is to throw a big warning and prompt when an