Related: tdf#160184 clearly describe security risk

Encrypting with untrusted public keys increases the risk of "man-in-the-middle" attacks so emphasize this risk. Change-Id: I48cbb7b002c5f17bdac3372bf94c1bc18ea68566 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/165396 Tested-by: Jenkins Reviewed-by: Patrick Luby <guibomacdev@gmail.com> Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
2024-03-26 17:39:35 -04:00 · 2024-03-26 17:39:35 -04:00 · c4023d3ec6
commit c4023d3ec6
parent 0a2535ceb0
1 changed files with 1 additions and 1 deletions
--- a/xmlsecurity/inc/strings.hrc
+++ b/xmlsecurity/inc/strings.hrc
@ -65,6 +65,6 @@

 #define STR_BROKEN_MACRO_CERTIFICATE_DATA           NC_("STR_BROKEN_MACRO_CERTIFICATE_DATA", "Macro security problem!\n\nBroken certificate data: %{data}")
 #define STR_RELOAD_FILE_WARNING                     NC_("STR_RELOAD_FILE_WARNING", "Reload the file to apply the new macro security level")
-#define STR_TRUST_UNTRUSTED_PUBKEY                   NC_("STR_TRUST_UNTRUSTED_PUBKEY", "The following OpenPGP public key is not trusted:\n\n%{data}\n\nDo you want to use this untrusted OpenPGP public key?")
+#define STR_TRUST_UNTRUSTED_PUBKEY                   NC_("STR_TRUST_UNTRUSTED_PUBKEY", "Security warning: the following OpenPGP public key is untrusted:\n\n%{data}\n\nEncrypting with an untrusted public key increases the risk of a \"man-in-the-middle\" attack. A successful \"man-in-the-middle\" attack gives malicious third parties the ability to decrypt your document.\n\nDo you really want to encrypt your document with this untrusted public key?")

 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */