thesinoda@xxxxxxxxxxx wrote: > very easy, in fact in less than two minute. The problem is similar to > the bug I found in PGP last year. The bug you did *NOT* find in PGP last year. All you did was bypass a sanity check and show that you could decrypt a file with the wrong password and get garbage. cheers, DaveK -- Can't think of a witty .sigline today....