Recipient inconstistence

Matthew Byng-Maddick gnupg@lists.colondot.net
Tue Aug 14 12:21:01 2001


On Tue, Aug 14, 2001 at 11:09:23AM +0200, Werner Koch wrote:

> That is how it should work (modulo status output) but I am not anymore
> sure whether this is a good idea: If you want to send to Alice and
> Bob but due to a missing key you did not encrypt it for Bob, you will
> later have to resend the message to bob. After receiving the first
> message, Alice must assume the message was only intended for her and
> act accordingly
I'm not confinced that this is in fact sensible, by doing it you are assuming that I'm not in some way trying to cheat or break protocol. It is just as easy for me to encrypt lots of copies, and send them individually, as such, the analogue of an email Bcc: line. It should perhaps be an option on what to do with unknown recipients, I do agree that it's possible to do the wrong thing with the current default. However your reasoning on Alice's part is broken. If Alice does that, then she's not acting a good part in the protocol. MBM -- Matthew Byng-Maddick <mbm@colondot.net> http://colondot.net/