[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Security flaw in pgg-gpg-process-region?

From: Richard Stallman
Subject: Re: Security flaw in pgg-gpg-process-region?
Date: Wed, 06 Sep 2006 04:49:03 -0400

    First, in (1) he didn't like the "display blinking" behavior since PGG
    had been used asynchronous process instead of synchronous process.
    As he said, this was not a real problem.


    Second, (1) causes a problem which forbids using ISO-8859-1 characters
    in passphrases.  So he proposed (2), but it was not a correct fix
    (passphrases should be encoded in locale-coding-system rather than just
    making them unibyte) and it was not working before the reversion.  I
    think this is not so important problem, since it can be avoided by using
    ASCII only passphrases in practice.

Are you saying this problem does not occur if his change (1) is removed?
If so, we don't need to solve it, since we have removed (1).

reply via email to

[Prev in Thread] Current Thread [Next in Thread]