(Only to point the finger at the real bug)
Efail is not just an HTML rendering bug. It includes very real attacks against S/MIME as it's used by thousands of corporations.
It's true that the cryptanalytic attack on OpenPGP is pretty much nothing. But even then, there's room to argue whether GnuPG has made it too easy for email clients to do the wrong thing.
Efail is not just an HTML rendering bug. The hype around it is awful, but there are good things in the paper and we should be careful not to wash our hands of it and say "nope, not our problem..."
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
