[…]We made three statements about the Efail attack at the beginning. We're going to repeat them here and give a little explanation. Now that we've explained the situation, we're confident you'll concur in our judgment.

1. This paper is misnamed. It's not an attack on OpenPGP. It's an attack on broken email clients that ignore GnuPG's warnings and do silly things after being warned.

2. This attack targets buggy email clients. Correct use of the MDC completely prevents this attack. GnuPG has had MDC support since the summer of 2000.

3. The authors made a list of buggy email clients. It's worth looking over their list of email clients (found at the very end) to see if yours is vulnerable. But be careful, because it may not be accurate -- for example, Mailpile says they're not vulnerable, but the paper indicates Mailpile has some susceptibility.

The authors have done the community a good service by cataloguing buggy email clients. We're grateful to them for that. We do wish, though, this thing had been handled with a little less hype. A whole lot of people got scared, and over very little.
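What heeding GnuPG's warnings and using the MDC correctly can look like in a mail client, as an added example (not code from GnuPG or from any client named in the paper): buffer the decrypted output and release it to the renderer only after gpg's `--status-fd` stream reports an intact MDC. The function names and the sample status streams are constructed for illustration; the status keywords are those of GnuPG's status interface.

```python
from typing import Optional

PREFIX = "[GNUPG:] "

def plaintext_is_safe(status_output: str) -> bool:
    """True only if gpg reported an intact, MDC-protected decryption."""
    keywords, mdc_method = set(), None
    for line in status_output.splitlines():
        if not line.startswith(PREFIX):
            continue  # not a status line
        fields = line[len(PREFIX):].split()
        if not fields:
            continue
        keywords.add(fields[0])
        if fields[0] == "DECRYPTION_INFO" and len(fields) > 1:
            mdc_method = fields[1]  # "0" means the message carried no MDC
    if keywords & {"BADMDC", "DECRYPTION_FAILED"} or mdc_method == "0":
        return False
    # Fail closed: require both positive signals, not just absence of errors.
    return {"GOODMDC", "DECRYPTION_OKAY"} <= keywords

def release(buffered_plaintext: bytes, status_output: str) -> Optional[bytes]:
    """Hand plaintext to the renderer only after the integrity verdict is in."""
    return buffered_plaintext if plaintext_is_safe(status_output) else None

# Constructed status streams (not captured from a real gpg run).
INTACT = "\n".join([
    "[GNUPG:] BEGIN_DECRYPTION",
    "[GNUPG:] DECRYPTION_INFO 2 9",
    "[GNUPG:] DECRYPTION_OKAY",
    "[GNUPG:] GOODMDC",
    "[GNUPG:] END_DECRYPTION",
])
TAMPERED = "\n".join([
    "[GNUPG:] BEGIN_DECRYPTION",
    "[GNUPG:] DECRYPTION_INFO 2 9",
    "[GNUPG:] BADMDC",
    "[GNUPG:] DECRYPTION_FAILED",
    "[GNUPG:] END_DECRYPTION",
])
NO_MDC = "\n".join([
    "[GNUPG:] BEGIN_DECRYPTION",
    "[GNUPG:] DECRYPTION_INFO 0 3",
    "[GNUPG:] DECRYPTION_OKAY",
    "[GNUPG:] END_DECRYPTION",
])
```

The check requires a positive `GOODMDC` and treats a missing MDC the same as a failed one, so output gpg emitted before it reached its verdict is never displayed.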