show warning for files with no MDC and allow decryption (required for legacy keys)
Reported by steve | June 7th, 2018 @ 01:10 PM | in 1.11.4 (closed)
Using weak old keys may result in no MDC used for the encrypted message. GPGMail will not decrypt such messages. To allow users a transition to a stronger key and not lock them out, GPGServices should offer an option to decrypt, after showing a big warning with steps how to move forward.
Relevant Commits:
Suggested warning message
FILE WARNING
Warning: The encrypted file was not integrity protected!
Without integrity protection (missing modification detection code) it is not possible to determine whether or not the encrypted data has been modified.
To learn more about how to deal with files without integrity
protection visit:
https://gpgtools.tenderapp.com/kb/faq/modification-detection-code-m...
If you are absolutely sure that the file has not been modified, you may choose to continue.
Continue Abort (pre-selected)
TEXT WARNING
Warning: The encrypted text was not integrity protected!
Without integrity protection (missing modification detection code) it is not possible to determine whether or not the encrypted data has been modified.
To learn more about how to deal with files without integrity
protection visit:
https://gpgtools.tenderapp.com/kb/faq/modification-detection-code-m...
If you are absolutely sure that the text has not been modified, you may choose to continue.
Continue Abort (pre-selected)
Comments and changes to this ticket
-
Support June 12th, 2018 @ 08:09 PM
- State changed from “new” to “started”
- Assigned user set to “Mento”
- Milestone set to “1.11.4”
(from [6a7402bf3fab79bbf1199744f6e0aa96a5ed9345]) Handle messages without an mdc.
Show an alert to ask the user if they want to decrypt it anyway.
The alert strings are only a first draft.
[#245 state:started assigned:mento milestone:1.11.4] https://github.com/GPGTools/GPGServices/commit/6a7402bf3fab79bbf119... -
-
Support June 13th, 2018 @ 02:58 PM
- State changed from “started” to “fixed”
(from [ba5e15f89dc5d847f60afb894e5c85bc78ea77e1]) Strings for the no-mdc warning.
[#245 state:fixed] https://github.com/GPGTools/GPGServices/commit/ba5e15f89dc5d847f60a...
-
steve June 13th, 2018 @ 03:34 PM
- State changed from “fixed” to “verified”
macOS 10.13.5
GPG Suite 2212n
verified -
steve June 15th, 2018 @ 12:03 PM
- State changed from “verified” to “released”
Please Sign in or create a free account to add a new ticket.
With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.
Create new ticket
Create your profile
Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป
Luke Le
Mento
steve