[kmail2] [Bug 404698] Decryption Oracle based on replying to PGP or S/MIME encrypted emails
David Faure
bugzilla_noreply at kde.org
Mon Apr 22 10:31:07 BST 2019
https://bugs.kde.org/show_bug.cgi?id=404698
--- Comment #12 from David Faure <faure at kde.org> ---
About the original suggestion: "Do not decrypt emails unless the PGP or S/MIME
encrypted part is the root node -- and therefore the only part -- in the MIME
tree (exception: multipart/signed for encrypted-then-signed S/MIME messages)."
This would mean if you attach a non-encrypted image (say, company logo) to an
encrypted email, the recipient can't reply to the email anymore? I think we
always want to decrypt the main text part? (fuzzy term, I don't know what the
actual logic is in kmail, but I mean the text that gets quoted).
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the Kdepim-bugs
mailing list