Page:
engine cryptotech
Pages
0000 notes about this wiki
EpicBackup
EpicStandardKeyserver
Home
adapter adapter build instructions version 3 x draft
adapter adapter build instructions
adapter adapter development
adapter change management
adapter change requests
adapter cvs conventions
adapter message to send passphrase
adapter passphrase support
adapter pep sec newjoiners dev
adapter pull requests
apps mime filenames
builds
cid build status per target env
cid c i system comparisons
cid ci and cd plan
cid ci and cd proposal
cid docker
cid gitlab ci primer
cid index
cid internal deployment
cid packaging concept
cid previous resources
cid processes
cid projects
cid
code generation
common adapter documentation adapter build instructions
common adapter documentation adapters
common adapter documentation hecks notepad
common adapter documentation how to write a pep adapter
concepts
email messages mime and message 2 0
engine::transport
engine asn1 background
engine asn1 message
engine basic concepts of the pep engine
engine cryptotech
engine distribution protocols
engine echo and session
engine echo protocol
engine elevated attachments
engine enable log
engine engine and adapter releases
engine engine breakfast agenda 20200930
engine engine breakfast agenda 20201006
engine engine breakfast agenda 20201013
engine engine breakfast log 20191217
engine engine breakfast log 20200107
engine engine breakfast log 20200121
engine engine breakfast log 20200128
engine engine breakfast log 20200519
engine engine breakfast log 20200526
engine engine breakfast log 20200616
engine engine breakfast log 20200811
engine engine breakfast log 20210223
engine engine breakfast log 20210309
engine engine breakfast log 20210316
engine engine breakfast log 20210323
engine engine breakfast log 20210406
engine engine breakfast log 20211112
engine engine breakfast log 20220127
engine engine breakfast log 20220922
engine engine breakfast log 20221001
engine engine breakfast log 20221006
engine files and paths
engine filing engine bugs and feature requests
engine general
engine gnupg disabled keys
engine group encryption to do
engine group encryption
engine group key reset
engine handshake from an application developers perspective
engine identity
engine key reset overview
engine key reset use cases
engine key reset
engine key sync
engine media keys
engine message 2 0 and beyond
engine message to send passphrase
engine mime rules peg
engine netpgp
engine notes on engine testing
engine offline transport
engine online transport
engine passive mode
engine passphrase support
engine pep auto consume
engine pep message
engine pep vs openpgp
engine ratings table
engine readme
engine signed only
engine sync and distribution
engine sync folder mode
engine sync from an application developers perspective
engine sync protocol
engine sync protocols
engine testing pep sync
engine tofu
engine transport status code
engine transport
engine trust rating
engine trust sync
engine trustwords
engine uncategorised development themes extracting keys
engine uncategorised development themes extracting own public keys
engine uncategorised development themes managing expectations for message attachments
engine uncategorised development themes old instructions building the engine on debian
engine uncategorised development themes playing with the management database
engine user pseudonymity
engine
enigmail pep build enigmail
enigmail pep enigmail dep matrix
enigmail pep enigmail pep dev env
enigmail pep enigmail pep
enigmail pep enigmail
git alias collection
hg2git
import from enigmail
jobs
json adapter about
json adapter debug mini adapter
json adapter message cache
json adapter readme
json adapter release builds
json adapter rfc mutual auth
json adapter session managment
json adapter possibly outdated session managment
lib pep adapter releases
lib pep datatypes notes
lib pep mime parsing heuristics
lib pep mime
list of projects using the engine
macos adapter
mainframe
mime
mixnet old document
mixnet
move engine attack vectors
move engine dictionaries
pep from an application developers perspective
pep jni adapter releases
pep python adapter quick setup for sync testing
pep python adapter releases
playground
rtfm
security model
security models perimeter based vs zero trust
software development crypto dev meetings 2016 09 26
software development crypto dev meetings 2016 10 24
software development crypto dev meetings 2017 02 24
software development crypto dev meetings 2018 06 19
software development migration hg git
software development release process
software development testing
software projects overview
source conventions
specifications key reset specification
specifications playground group encryption management
specifications sample specification template and guide
thunderbird
tools and tips docker
tools and tips
transport config
transport offline transport
transport online transport
transport transport status code
transport transport
windows character encoding
windows desktop adapter
No results
1
engine cryptotech
Luca Saiu edited this page 2026年02月10日 13:55:21 +01:00
17:05 <@edouard> fdik: what should be result of decrypt_and_verify when signer's key is expired ?
17:16 <@fdik> it must decrypt and verify
17:16 <@fdik> expiry is only for encryption
17:17 <@fdik> decryption must not be affected
17:30 <@edouard> ok. is scope of revokation different ?
17:43 <@fdik> for trust level, yes
17:43 <@fdik> but not fot decrypting
17:52 <@edouard> if a key have been revoked, and I receive a message encrypted and signed by that key. All good ?
17:53 <@fdik> Will be decrypted.
17:53 <@fdik> Depending on the date of the message, it will be marked unreliable or forged
17:53 <@fdik> if it was sent before revocation, it's unreliable
17:53 <@fdik> if it was sent after revocation, it's forged
17:53 <@fdik> but that's all trust
17:54 <@fdik> so it has nothing to do with PGP layer in p≡p engine
17:54 <@fdik> because p≡p is not based on the trust system of PGP
17:54 <@edouard> ok, so decrypt_and_verif should keep OK even if key revoked.
17:55 <@fdik> could you please put that into the wiki?
17:55 <@fdik> yes
17:55 <@fdik> to be exact:
17:56 <@fdik> decrypt_and_verify() MUST deliver one of the decryption results of PEP_STATUS
17:56 <@fdik> It's the results 0x0400 - 0x04ff
17:57 <@fdik> If it can be decrypted and verified correctly, it has to deliver PEP_DECRYPTED_AND_VERIFIED
17:57 <@fdik> if verification is not possible, it's PEP_DECRYPTED
17:59 <@edouard> ok. anyhow, the way I rewrote keyring lookup funcs make it parametrable in netpgp. so, we can change our mind later :)
17:59 <@edouard> for now, I'll just decrypt and verif even if revoked
18:12 <@fdik> can you send a PEP_DECRYPTED if it was revoked, plz? ;-)
The content of this wiki is being migrated from an old system, and as of late 2023 / early 2024 a few links may still be broken and some pages may be obsolete.
See 0000-notes-about-this-wiki about the conversion. Please forgive the temporary mess.
(Note for ourselves: this is in _Sidebar.md.)