On Mon,  4 Nov 2019 11:40, Robert J. Hansen said:

> requirements.  This could be as simple as, "we prohibit the use of 3DES,
> but OpenPGP lists it as a MUST algorithm".

It is even less technical see my other mail.

FWIW, GnuPG knows all allowed algorithms for the VS-NfD use case and can
be switched into a mode where this is enforced (for creating message) or
indicated with a warning (for reading a message).

  $ gpg --compliance=help
  gpg: valid values for option '--compliance':
  gpg:   gnupg
  gpg:   openpgp
  gpg:   rfc4880bis
  gpg:   rfc4880
  gpg:   rfc2440
  gpg:   pgp6
  gpg:   pgp7
  gpg:   pgp8
  gpg:   de-vs
  
Thus when VS-NfD is required the admin will configure gpg and gpgsm with
--compliance=de-vs.  Actually Kleopatra and GpgOL have GUI elements to
enable/show that mode.  One thing which sets us apart from other VS-NfD
products is that the very same software can be used for regular mail and
VS-NfD processing without switching.  The user experience is thus better
aligned to the real world use.


Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

Attachment: signature.asc
Description: PGP signature

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to