On Mon, 14 May 2018 15:44, andr...@andrewg.com said:

> This all exposes one of the difficulties with trying to manage security
> software in a decentralised ecosystem. We end up in arguments over whose

That is actually easy compared to a system which is also designed to protect data at rest. Some users may want to restore their 2 year old backup to fix a problem with garbled tapes; some may want to read the real documents about WMD from 2003; some may even want to be able to decrypt their old love letters at the time of their silver wedding.

> 1. change the default behaviour of GPG so that any integrity failure is
> fatal by default, even for old ciphersuites (we could have a flag to

I am all in favor of this and even considered doing that some time ago. However, not too long ago we removed support for PGP-2 keys which unfortunately resulted in lots of angry mails from people who now think they need to use gnupg 1.4 every day because they seem to read mails from the last century on a regular basis. Well, they think and they were quite vocal.

Now telling them they need to enable an option to read certain not that old mail (e.g. created by other OpenPGP implementations) will a) lead to even more angry mails and b) they will keep on using that option for all mails.

Thus my tentative plan was to make the next major version hard fail on messages without MDC and slowly start using our forthcoming AEAD encryption mode.

Well okay, with the new support of the Ehtmlfail paper we could now point to that paper and always hard error out if no MDC is used even for old algorithms. Shall we consider this?

> the obsolete ciphersuites by default (again, we can provide an

They are not used by default. 3DES is a MUST algorithm and will only be deprecated with RFC_4990bis and thus GnuPG 2.3.

> 2. AND the MUAs need to make sure they fail hard on integrity warnings,
> because old versions of GPG may hang around for a while. Also ensure

Fortunately the majority of them do.

> that links aren't followed by default, that the capabilities of
> encrypted HTML mail are constrained, etc.

Yes please, I consider this the minimum requirement for HTML based mails. Why send email when you need to go online to read it? And also disallow Javascript. Now you only need to convince the mail content designers that they can't simply use the web page and send it as mail. That will be the hard part.

> The PGP ecosystem will survive this, because the tech is in place. The

I am not so sure for S/MIME - but that is wishful thinking ;-)

Shalom-Salam,

   Werner

-- 
# Please read: Daniel Ellsberg - The Doomsday Machine
# Thoughts are free. Exceptions are regulated by a federal law.
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
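An added example, not part of the message above and not GnuPG or MUA project code: one way a mail client can fail hard on integrity problems regardless of the gpg version installed, by deciding from gpg's `--status-fd` keywords instead of the exit code. It assumes the client collects the status lines and buffers the plaintext until this check passes; the function names and the sample status streams are constructed.

```python
# Added example. Status keywords (DECRYPTION_OKAY, DECRYPTION_FAILED,
# GOODMDC, BADMDC) are the ones gpg writes to --status-fd; everything
# else here (names, sample streams) is constructed for illustration.
PREFIX = "[GNUPG:] "

def parse_status(lines):
    """Return [(keyword, args), ...] from raw --status-fd lines."""
    parsed = []
    for line in lines:
        if not line.startswith(PREFIX):
            continue  # ignore anything that is not a status line
        parts = line[len(PREFIX):].split()
        if parts:
            parsed.append((parts[0], parts[1:]))
    return parsed

def may_display_plaintext(lines):
    """Hard-fail policy: release plaintext only if decryption succeeded
    AND the integrity check was positively reported."""
    keywords = {kw for kw, _ in parse_status(lines)}
    if "BADMDC" in keywords or "DECRYPTION_FAILED" in keywords:
        return False
    # An old gpg decrypting a message without MDC still reports
    # DECRYPTION_OKAY but never GOODMDC, so require both.
    return "DECRYPTION_OKAY" in keywords and "GOODMDC" in keywords

# Constructed status streams for three cases.
PROTECTED = ["[GNUPG:] BEGIN_DECRYPTION", "[GNUPG:] DECRYPTION_INFO 2 9",
             "[GNUPG:] DECRYPTION_OKAY", "[GNUPG:] GOODMDC",
             "[GNUPG:] END_DECRYPTION"]
NO_MDC_OLD_GPG = ["[GNUPG:] BEGIN_DECRYPTION", "[GNUPG:] DECRYPTION_INFO 0 2",
                  "[GNUPG:] DECRYPTION_OKAY", "[GNUPG:] END_DECRYPTION"]
TAMPERED = ["[GNUPG:] BEGIN_DECRYPTION", "[GNUPG:] DECRYPTION_INFO 2 9",
            "[GNUPG:] BADMDC", "[GNUPG:] DECRYPTION_FAILED",
            "[GNUPG:] END_DECRYPTION"]

if __name__ == "__main__":
    for name, stream in [("protected", PROTECTED),
                         ("no MDC, old gpg", NO_MDC_OLD_GPG),
                         ("tampered", TAMPERED)]:
        print(name, "->", "display" if may_display_plaintext(stream) else "refuse")
```

The check only helps if the plaintext is held back until the full status stream has been read, because gpg writes decrypted output before the integrity result is known.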