-
Notifications
You must be signed in to change notification settings - Fork 47
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use OpenPGP.js v6 native ways to reject algorithms #4905
Comments
Yes, there is It does allow to use this subkey (signed by the weak primary key) for encryption. |
i'd file it as a bug. cc @sosnovsky |
I found possible explanation for such logic in
(from https://superuser.com/a/613926) So probably they doesn't see it as a bug, but expected functionality and they check Then we'll still need to check primary key algorithm on our side or propose |
I think it should still be reported as a bug. It's called |
That's not entirely accurate. |
Sounds buggy for sure. Once you report it, please link that issue here. Let's see if they intended this behavior. |
Reported openpgpjs/openpgpjs#1608 |
I suppose there was new functionality for this in OpenPGP.js v5, where we can simply configure which algorithms to use or forbid? Either in global config or when doing particular actions (forgot about their implementation). In which case we could stop using
removeWeakKeyPackets
/ remove it. Can be another issue.Originally posted by @tomholub in #4725 (comment)
The text was updated successfully, but these errors were encountered: