On 01/03/2014 08:12 AM, Leo Gaspard wrote: > So changing the encryption could break an opsec.
If someone's opsec is based on the question of whether a message was encrypted or not, then they've probably got their cart before their horse too. opsec requirements should indicate whether you encrypt, not the other way around. > BTW, is a timestamp included in the signature? If not, it could lead to > similar > issues. Yes, all OpenPGP signatures generated by standards-compliant tools include a timestamp: https://tools.ietf.org/html/rfc4880#section-5.2.3.4 --dkg
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
