From 9f66bd88f7d98838f9d673129533c5a6a5432eb5 Mon Sep 17 00:00:00 2001
From: Florian Schmaus <flo@geekplace.eu>
Date: Tue, 26 Jan 2016 17:31:36 +0100
Subject: [PATCH] OX: Clarify that it only mitigates replay attacks

---
 xep-openpgp/xep-openpgp.xml | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/xep-openpgp/xep-openpgp.xml b/xep-openpgp/xep-openpgp.xml
index 0553d83e..44a542e9 100644
--- a/xep-openpgp/xep-openpgp.xml
+++ b/xep-openpgp/xep-openpgp.xml
@@ -671,10 +671,12 @@ Standards Foundation.</permissions>
     (<link url='https://xmpp.org/extensions/xep-0027.html#security'>§
     4</link>, <link
     url='https://xmpp.org/extensions/xep-0027.html#issues'>§
-    5</link>). It prevents replay attacks by including the recipient's
-    address and a timestamp in the OpenPGP content element. It allows
-    for both, signing and encrypting of the element. The scope of the
-    specification was deliberately limited to OpenPGP.</p>
+    5</link>). It mitigates replay attacks by including the
+    recipient's address and a timestamp in the OpenPGP content
+    element<note>Full Replay attack prevention would require a
+    counter based approach.</note>. It allows for both, signing and
+    encrypting of the element. The scope of the specification was
+    deliberately limited to OpenPGP.</p>
 
     <p>Features like signed presences, which is provided by XEP-0027,
     may be added later on as add-on XEP to this.</p>