Possible chosen-ciphertext attack on receiver anonymity
messtic at oreka.com
Sat Jul 2 19:28:42 CEST 2005
On Saturday, July 2, 2005 at 2:00:10 PM +0200, Werner Koch wrote:
> On Fri, 1 Jul 2005 22:00:17 -0700 (PDT), Brent Waters said:
>> BCC recipients on encrypted email.
> The usual way to handle this is by sending separate mails. Even with
> key-privacy the recipients would notice that there might be a BCCed
> address. IIRC, Mutt does exactly this.
Unfortunately Mutt sends to all recipients, To, Cc, and Bcc, one
common mail encrypted to all of them (plus eventually to Fcc outbox
key). All recipients can see who was Bcced (and sender's storage key).
This was reported as a privacy bug (see Mutt bug #1090), and there
were discussions about sending one common mail to To+Cc plus one copy to
each Bcc. But nothing changed so far.
When you post a new message, beginning a new topic, use the "mail" or
"post" or "new message" functions.
When you reply or followup, use the "reply" or "followup" functions.
Do not do the one for the other, this breaks or hijacks threads.
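An added example, not part of the original post and not Mutt's code: a small model of the two delivery strategies discussed in the message, showing which recipient keys each reader of a ciphertext can see beyond the To/Cc headers. Addresses and the storage-key label are constructed, each key is identified by its owner's address, recipient key IDs are assumed visible in the ciphertext, and the separate handling of the Fcc copy in the split plan is an assumption.

```python
# Added illustration; all names and sample values are constructed.

def plan_single(to, cc, bcc, fcc_key=None):
    """Behaviour described in the post: one ciphertext encrypted to everyone."""
    rcpts = to + cc + bcc
    keys = list(rcpts) + ([fcc_key] if fcc_key else [])
    return [{"deliver_to": rcpts, "encrypt_to": keys}]

def plan_split(to, cc, bcc, fcc_key=None):
    """Discussed alternative: one mail for To+Cc, one separate copy per Bcc."""
    visible = to + cc
    jobs = [{"deliver_to": visible, "encrypt_to": list(visible)}]
    for b in bcc:
        jobs.append({"deliver_to": [b], "encrypt_to": [b]})
    if fcc_key:
        # Assumption: the stored copy is encrypted on its own and never sent.
        jobs.append({"deliver_to": [], "encrypt_to": [fcc_key]})
    return jobs

def leaks(jobs, to, cc):
    """Map each reader to keys they can see that are neither their own
    nor already disclosed by the To/Cc headers."""
    public = set(to) | set(cc)
    out = {}
    for job in jobs:
        for reader in job["deliver_to"]:
            hidden = [k for k in job["encrypt_to"]
                      if k not in public and k != reader]
            if hidden:
                out.setdefault(reader, []).extend(hidden)
    return out

if __name__ == "__main__":
    to, cc, bcc = ["alice@example.org"], ["bob@example.org"], ["carol@example.org"]
    fcc = "sender-storage-key"
    print("single:", leaks(plan_single(to, cc, bcc, fcc), to, cc))
    print("split: ", leaks(plan_split(to, cc, bcc, fcc), to, cc))
```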