On Sun 2017-07-09 07:46:14 -0300, David Bremner wrote:
> There are some cases like remote usage where this might cause
> problems, but those users can easily customize the variable. The
> inconvenience seems to be outweighed by the security benefit for most
> users.

lgtm.  i'm not sure that this change is technically a "security
benefit", though, it looks more like a "usability benefit", since the
main use of process-crypto is likely to be decrypting messages.

for signature verification, there's some small security benefit, but
since it's mainly exposure of interesting information to the user (as
opposed to blocking users from doing unsafe things) it's still probably
more on the usability side than security.

still, i think it's a good change.  If it uncovers performance problems
on use cases that normal people care about, hopefully we can get
examples of those use cases and get the performance problems fixed
(rather than just encouraging those users to set the flag to nil).

     --dkg