AW: Efail or OpenPGP is safer than S/MIME

Fiedler Roman Roman.Fiedler at ait.ac.at
Tue May 15 11:44:39 CEST 2018


> Von: MFPA [mailto:2017-r3sgs86x8e-lists-groups at riseup.net]
>
> Hi
>
> On Monday 14 May 2018 at 1:33:03 PM, in
> <mid:2ECE9D9EEF1F524185270138AE23265955B7A916 at S0MSMAIL112.arc.
> local>,
> Fiedler Roman wrote:-
>
> > This would also prevent many other programming
> > errors: e.g. if gpg
> > claims to have processed 2 signed messages, a client
> > has to verify,
> > that it also received two "GOOD_SIG" messages.
>
> What if a message has more than one signature?

The status line format should be designed to support those variants to allow a "logical consistency check" of the communication with GnuPG like a message digest allows consistency checking for a cryptographic message. I guess it would be ease for the GnuPG-hardcore developers to define, which fields are required to perform a thorough consistency check.


More information about the Gnupg-users mailing list