Re: [openpgp] OpenPGP SEIP downgrade attack2015-10-05 20:52:06Werner Koch <wk(_at_)gnupg(_dot_)org> writes: More important however is my remark that we need to get MDC deployed so that we can issue an error for non MDC packets instead of just a warning. We don't need to get it deployed, we need to get it replaced by encrypt- then-MAC, with the whole handled in a manner where downgrade attacks aren't possible. Peter. _______________________________________________ openpgp mailing list openpgp(_at_)ietf(_dot_)org https://www.ietf.org/mailman/listinfo/openpgp
|
|