On Sun 2017-07-09 07:46:14 -0300, David Bremner wrote: > There are some cases like remote usage where this might cause > problems, but those users can easily customize the variable. The > inconvenience seems to be outweighed by the security benefit for most > users. lgtm. i'm not sure that this change is technically a "security benefit", though, it looks more like a "usability benefit", since the main use of process-crypto is likely to be decrypting messages. for signature verification, there's some small security benefit, but since it's mainly exposure of interesting information to the user (as opposed to blocking users from doing unsafe things) it's still probably more on the usability side than security. still, i think it's a good change. If it uncovers performance problems on use cases that normal people care about, hopefully we can get examples of those use cases and get the performance problems fixed (rather than just encouraging those users to set the flag to nil). --dkg