[openpgp] AEAD mode unverified chunks2018-06-30 11:10:30RFC4880bis should clarify that unverified plaintext must not be output in AEAD mode. I suggest adding this sentence: 5.16 AEAD Encrypted Data Packet (Tag 20) [...] If a chunk can not be authenticated, implementations MUST discard the plaintext without further processing. Unauthenticated plaintext MUST not be output to other applications or the user. _______________________________________________ openpgp mailing list openpgp(_at_)ietf(_dot_)org https://www.ietf.org/mailman/listinfo/openpgp
|
|