Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Consider to allow decryption with sign/certify primary key and/or subkey. #2177

Open
ni4 opened this issue Jan 12, 2024 · 1 comment
Open

Consider to allow decryption with sign/certify primary key and/or subkey. #2177

ni4 opened this issue Jan 12, 2024 · 1 comment
Milestone
v0.18.0

Comments

@ni4
Copy link
Contributor

ni4 commented Jan 12, 2024

Description

It seems that, in a real world, standards are not always obeyed: https://bugzilla.mozilla.org/show_bug.cgi?id=1865620
So we should consider to allow users to decrypt message even if it is encrypted by sign/certify key.
@ni4 ni4 added this to the v0.18.0 milestone Jan 12, 2024
@teythoon
Copy link

teythoon commented Feb 8, 2024

Please don't do that. We use separate keys for signing and encryption for a reason. Even though some implementations may do that, this is just a terrible idea and should be fixed at the sender. Decrypting using signing-only keys is what made the faulty sending implementation get away with it in the first place. Let's not descend on a race to the bottom.

For an example why we don't do that: All ElGamal signing keys are compromised, and if they are also used for encryption, this breaks confidentiality as well: https://lists.gnupg.org/pipermail/gnupg-announce/2003q4/000160.html

FWIW, I wrote a test for this: https://tests.sequoia-pgp.org/#Non-encryption_recipients

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v0.18.0
Development

No branches or pull requests
2 participants
@teythoon @ni4