Hi Óscar,
* Óscar Fuentes <o...@wanadoo.es> [2018-07-26; 13:57]:
> For the record: executing gpg2 from the command line is revealing:
>
> gpg: WARNING: message was not integrity protected
> gpg: Hint: If this message was created before the year 2003 it is
> likely that this message is legitimate. This is because back
> then integrity protection was not widely used.
> gpg: Use the option '--ignore-mdc-error' to decrypt anyway.
> gpg: decryption forced to fail!
>
> The solution is to add `ignore-mdc-error' to ~/.gnupg/gpg.conf.
I hope you'll do this only as a temporary meassure. Your could
decrypt and re-encrypt the org-crypt parts in question iff you
are sure, they were encrypted years ago and their contents is ok.
But having this option in ~/.gnupg/gpg.conf otherwise weakens
the security of GnuPG usage considerably.
>From the gpg man page:
--ignore-mdc-error
This option changes a MDC integrity protection failure
into a warning. This can be useful if a message is
partially corrupt, but it is necessary to get as much
data as possible out of the corrupt message. However,
be aware that a MDC protection failure may also mean
that the message was tampered with intentionally by an
attacker.
The usage scenario described in the first sentence is clearly a
one time thing. Putting this option in gpg.conf ignores these
kind of errors for all future usage, for risks and side effects
see the second sentence.
Ciao; Gregor
