Sven Fischer wrote:
Also, it isn't our fault, that M$ does use such simple crypto algorithms. I personally share this opinion, but only for the encryption side. For decryption, I don't understand why it should be a problem.
For decryption there is no problem, of course. As for encryption.. it is impossible to misuse a feature (even accidentaly!) which simply is not present :) that was my reasoning behind the comment.
user is able to decrypt this Outlook crap sent to them. Is telling the Outlook users to use another mail program or use no encryption at all the solution? I don't think so. I even tried to convince Outlook to use 3des, but couldn't figure out how to do that.
that setting is hidden deep somewhere in account settings. but are you talking about S/MIME or GPG? IMHO, outlook users that are using GPG are pretty 'advanced' users (compared to rest of them). AFAIK, Outlook makes it easy to use X.509 but you have to have some kind of plugin for GPG, no? and GPG (except the experimental one) can't yet handle S/MIME. So linux mail readers have to use something else besides GPG for S/MIME.. and then I don't see how not incorporating RC2 into GPG even for decryption is a problem.. am I missing something here?
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
