From c4023d3ec604abfff38be2053e2989c7ec2ba8c1 Mon Sep 17 00:00:00 2001
From: Patrick Luby <guibmacdev@gmail.com>
Date: Tue, 26 Mar 2024 17:39:35 -0400
Subject: Related: tdf#160184 clearly describe security risk

Encrypting with untrusted public keys increases the risk of
"man-in-the-middle" attacks so emphasize this risk.

Change-Id: I48cbb7b002c5f17bdac3372bf94c1bc18ea68566
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/165396
Tested-by: Jenkins
Reviewed-by: Patrick Luby <guibomacdev@gmail.com>
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
---
 xmlsecurity/inc/strings.hrc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'xmlsecurity/inc')

diff --git a/xmlsecurity/inc/strings.hrc b/xmlsecurity/inc/strings.hrc
index 69b62a06dafe..7ed55690f97b 100644
--- a/xmlsecurity/inc/strings.hrc
+++ b/xmlsecurity/inc/strings.hrc
@@ -65,6 +65,6 @@
 
 #define STR_BROKEN_MACRO_CERTIFICATE_DATA           NC_("STR_BROKEN_MACRO_CERTIFICATE_DATA", "Macro security problem!\n\nBroken certificate data: %{data}")
 #define STR_RELOAD_FILE_WARNING                     NC_("STR_RELOAD_FILE_WARNING", "Reload the file to apply the new macro security level")
-#define STR_TRUST_UNTRUSTED_PUBKEY                   NC_("STR_TRUST_UNTRUSTED_PUBKEY", "The following OpenPGP public key is not trusted:\n\n%{data}\n\nDo you want to use this untrusted OpenPGP public key?")
+#define STR_TRUST_UNTRUSTED_PUBKEY                   NC_("STR_TRUST_UNTRUSTED_PUBKEY", "Security warning: the following OpenPGP public key is untrusted:\n\n%{data}\n\nEncrypting with an untrusted public key increases the risk of a \"man-in-the-middle\" attack. A successful \"man-in-the-middle\" attack gives malicious third parties the ability to decrypt your document.\n\nDo you really want to encrypt your document with this untrusted public key?")
 
 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */
-- 
cgit