On 21.05.18 16:56, Klaus Römer wrote: > Internet works because we have standards. > Rfc 3986 states that URLs have to be ecoded. > Redering-Engies which send unencodes content including whitespaces and > newlines to an external Server are seriously broken. > > (Only to point the finger at the real bug)
You only refer to one type of possible vulnerabilities that Efail discovered. Even if there are no remote calls involved, it is still possible to trick the user into sending a reply that contains decrypted content. -Patrick _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
