Hi, thanks for your fast and informative reply. On Wed, 30 Oct 2024 15:08, Werner Koch said:
> Thanks for the description of your problem. However, I am not sure > whether I really understood all details. As far as I can see, you understood everything correctly and completely answered my questions. I only wanted to know if there are any security concerns about the current implementation of the signature verification process considering what I found out and what was discussed in the github issue. > No, we won't play that game. BTW, this trouble was the reason why RNP > and us came up with a new term for the widely deployed version of > OpenPGP (rfc4880bis): LibrePGP [1]. I got your point. The question was only in case there were concerns about the current implementation of gpg. FYI, the discussion in the github issue is still ongoing and I quoted your arguments over there. Regards Ivan _______________________________________________ Gnupg-devel mailing list [email protected] https://lists.gnupg.org/mailman/listinfo/gnupg-devel
