> Von: Gnupg-users [mailto:gnupg-users-boun...@gnupg.org] Im Auftrag von > > On 17 May 2018, at 11:50, Patrick Brunschwig <patr...@enigmail.net> > wrote: > > > >> On 17.05.18 10:07, Werner Koch wrote: > >> On Thu, 17 May 2018 08:59, patr...@enigmail.net said: > >> > >>> Within 12 hours after the release I got 5 bug reports/support requests > >> > >> Kudos to Enigmail for acting as our guinea pig. I implemented the same > >> thing in GPGME this morning (see my mail to enigmail users). > >> > >> What shall we do now? Provide a separate tool to decrypt and clean HTML > >> messages or add a tool to Enigmail to do just this? > > > > Good question... Thunderbird is working on fixing the HTML display > > issue. But I think we should really start enforcing users to enable MDC. > > I therefore would prefer keeping the barrier high. In any case, this is > > nothing that I could implement with a week or two. > > I agree, while it would be easy for the users to have a magic button in > enigmail, this isn’t something we should be encouraging users to use on a > regular basis. > > IMO a better solution would be a standalone tool that you could point at a > local Maildir and tell it to clean and re-encrypt anything it finds that is > bad (for > a given value of “bad”), and save it to a new Maildir, perhaps with an > attachment explaining what was done. This would of course invalidate any > signatures on the re-encrypted data, but that’s OK for the use case. It should > not be an in-place update, nor should it work over e.g. IMAP because that > would a) encourage people to run it in a cronjob and b) destroy the originals, > which may be a deal breaker for archival purposes.
Sounds nice. Maybe if you combine it with the suggestions from https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060362.html (and perhaps improve my proposal, as a first guess usually cannot be the best), you could kill two birds with one stone. Hence you also could have a shorter path to get rid of old ciphers, MDCs and other backward compatibility stuff, thus increasing security and speeding up development. LG Roman _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users