Not sure what MDC is but I am going to go out on a limb and guess that it has to do with message authentication codes, in which case it should be left enabled. I don't know if some GPG programs don't use it or not, but if they don't it is a security flaw on their end. Okay just looked up MDC So pretty much the MDC is to make sure that the ciphertext is not modified in such a way that the plaintext changes. All in all I don't think it is a huge threat but MDC detects it. It is probably something like hashing the plaintext message and then concatenating the hash to the plaintext prior to encryption, and during decryption removing the hash then hashing the plaintext and comparing the hash to the concatenated hash.