|
|
|
|
|
|
by dfabulich
2951 days ago
|
|
|
Nobody said "you can't check the MDC." Everybody said "you have to check GPG's error code." And I think it's clear to everybody (in this thread) that GPG's approach is a dangerous blame-the-user approach to API design, even granting that this dangerous approach offers optimum performance (especially relative to adding an entire second pass). |
|
|
* GPG should never release unauthenticated plaintext to callers. The exit code is a red herring.
* Nothing about "pipes" prevents them from squelching unauthenticated plaintext.