[Top] [All Lists]

[openpgp] AEAD mode unverified chunks

2018-06-30 11:10:30
RFC4880bis should clarify that unverified plaintext must not be output
in AEAD mode.

I suggest adding this sentence:

5.16  AEAD Encrypted Data Packet (Tag 20)


If a chunk can not be authenticated, implementations MUST discard the
plaintext without further processing.  Unauthenticated plaintext MUST
not be output to other applications or the user.

openpgp mailing list

<Prev in Thread] Current Thread [Next in Thread>
  • [openpgp] AEAD mode unverified chunks, Marcus Brinkmann <=