Updated OpenPGP Security (markdown)

Dominik Schürmann 2017-11-07 18:45:11 +01:00
parent 2af89a0cd1
commit 3458ec4197
1 changed files with 0 additions and 3 deletions

@ -55,9 +55,6 @@ This argument summed up: "OpenPGP is complex, you need to learn a lot of stuff a
* This whole argument basically admits that many OpenPGP implementations and tutorials are overly complex. * This whole argument basically admits that many OpenPGP implementations and tutorials are overly complex.
* Our goal is to not require any complex knowledge for OpenPGP usage * Our goal is to not require any complex knowledge for OpenPGP usage
## Revocation certificate
TODO: Yes we must do this. Important TODO
## No support for Image Attribute Subpackets ## No support for Image Attribute Subpackets
In about 99% of all use cases there are better photos to be found in Android's contact database. Photos from Android's contact database are displayed only if a key has been confirmed, otherwise this could lead the user into a false sense of security. It is also not clear what a certification of an Image Attribute Subpacket would semantically mean. This is not specified in RFC 4880. Other applications such as [Kleopatra](https://www.kde.org/applications/utilities/kleopatra/) also doesn't support this subpackets. In about 99% of all use cases there are better photos to be found in Android's contact database. Photos from Android's contact database are displayed only if a key has been confirmed, otherwise this could lead the user into a false sense of security. It is also not clear what a certification of an Image Attribute Subpacket would semantically mean. This is not specified in RFC 4880. Other applications such as [Kleopatra](https://www.kde.org/applications/utilities/kleopatra/) also doesn't support this subpackets.