ietf-openpgp
[Top] [All Lists]

[openpgp] AEAD mode unverified chunks

2018-06-30 11:10:30
RFC4880bis should clarify that unverified plaintext must not be output
in AEAD mode.

I suggest adding this sentence:

5.16  AEAD Encrypted Data Packet (Tag 20)

[...]

If a chunk can not be authenticated, implementations MUST discard the
plaintext without further processing.  Unauthenticated plaintext MUST
not be output to other applications or the user.

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp

<Prev in Thread] Current Thread [Next in Thread>
  • [openpgp] AEAD mode unverified chunks, Marcus Brinkmann <=