Control: tags -1 + wontfix Seeing this "solved" by an opt-in for being secure switch is simply embarrassing for Debian's already not so shining security philosophies and paradigms. There's basically no reason that speaks against doing it properly, i.e. vice-versa: requiring verification by default and only allow it to be disabled manually. Especially since typically no user would even notice that within Debian. Anyway, since the bug as reported hasn't been fixed properly (the opt-in security implemented by #733179 obviously doesn't do so) but since upstream has apparently no interest in doing so, marking this as wontfix, as it should be. Cheers.
Attachment:
smime.p7s
Description: S/MIME cryptographic signature