Hi,

I use Gnus for email. In light of EFAIL [1][2], I'm trying to use Gnus more securely. In their official response to EFAIL, the GnuPG team pointed out that the Modification Detection Code (MDC) feature of GnuPG can protect against this kind of attack when used correctly [3]. They recommend that you "check with your email plugin vendor to see if they handle MDC errors correctly". So here I am!

I'd like to ensure that, when decrypting email, if the MDC is either (1) missing or (2) invalid, Gnus never processes the data in ways that expose me to the risk of an EFAIL-style attack.

I understand that GnuPG emits a warning about the MDC in some cases (e.g., if a non-modern cipher algorithm is used without an MDC) and an error in others (e.g., if a modern cipher is used without an MDC) [4]. The messages apparently look like this:

    gpg: encrypted with 256-bit ECDH key, ID 7F3B7ED4319BCCA8, created 2017-01-01
          "Werner Koch "
    [GNUPG:] BEGIN_DECRYPTION
    [GNUPG:] DECRYPTION_INFO 0 7
    [GNUPG:] PLAINTEXT 62 1526109594
    [GNUPG:] PLAINTEXT_LENGTH 69
    There is more to life than increasing its speed.
                    -- Mahatma Gandhi
    gpg: WARNING: message was not integrity protected
    [GNUPG:] DECRYPTION_FAILED
    [GNUPG:] END_DECRYPTION

In any case, until the MDC has been successfully validated, I don't want Gnus to do anything risky, such as displaying the article to me. What should I do to ensure that Gnus behaves the way I want?

Footnotes:
[1] https://efail.de/
[2] https://www.eff.org/deeplinks/2018/05/not-so-pretty-what-you-need-know-about-e-fail-and-pgp-flaw-0
[3] https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060334.html
[4] https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060320.html

--
Chris
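Added example, not part of Chris's message and not Gnus or GnuPG code: one way a mail client could gate display on GnuPG's machine-readable status lines, releasing buffered plaintext only after both DECRYPTION_OKAY and GOODMDC have been seen. The function names and both status samples are constructed for illustration (the first uses the status lines quoted in the message), and requiring GOODMDC is a policy assumed here so that the "missing MDC" and "invalid MDC" cases are both refused.

```python
STATUS_PREFIX = "[GNUPG:] "

# Constructed sample: the status lines from the transcript quoted in the message.
NO_MDC_STATUS = """\
[GNUPG:] BEGIN_DECRYPTION
[GNUPG:] DECRYPTION_INFO 0 7
[GNUPG:] PLAINTEXT 62 1526109594
[GNUPG:] PLAINTEXT_LENGTH 69
[GNUPG:] DECRYPTION_FAILED
[GNUPG:] END_DECRYPTION
"""

# Constructed sample: a run in which the integrity check passed.
GOOD_MDC_STATUS = """\
[GNUPG:] BEGIN_DECRYPTION
[GNUPG:] PLAINTEXT 62 1526109594
[GNUPG:] DECRYPTION_OKAY
[GNUPG:] GOODMDC
[GNUPG:] END_DECRYPTION
"""


def status_keywords(status_text):
    """Collect the keywords gpg wrote to its status descriptor."""
    seen = set()
    for line in status_text.splitlines():
        if line.startswith(STATUS_PREFIX):
            fields = line[len(STATUS_PREFIX):].split()
            if fields:
                seen.add(fields[0])
    return seen


def mdc_verdict(status_text):
    """Return (safe, reason); safe only on positive integrity confirmation."""
    seen = status_keywords(status_text)
    if "END_DECRYPTION" not in seen:
        return False, "gpg did not finish decrypting"
    if seen & {"DECRYPTION_FAILED", "BADMDC"}:
        return False, "gpg reported a decryption or MDC failure"
    if not {"DECRYPTION_OKAY", "GOODMDC"} <= seen:
        return False, "no GOODMDC: integrity was never confirmed"
    return True, "MDC verified"


# status_text must come from --status-fd, kept apart from the plaintext stream.
def release_plaintext(status_text, buffered_plaintext):
    """Hand over the buffered plaintext only when the verdict is safe."""
    return buffered_plaintext if mdc_verdict(status_text)[0] else None
```

As the transcript in the message shows, gpg can write plaintext before it reports DECRYPTION_FAILED, so the caller has to buffer the output until END_DECRYPTION. Reading status from its own descriptor keeps message content from imitating status lines.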