No Hidden-Recipient support in GPGME?
dshaw at jabberwocky.com
Thu Aug 28 14:59:51 CEST 2008
On Aug 28, 2008, at 8:26 AM, Arturo 'Buanzo' Busleiman wrote:
> Werner Koch wrote:
>> What we could add far easier is an encryption flags which sets the
>> --throw-keyid option of gpg and thus all recipients would be hidden.
> That would work too! Jacob Appelbaum and I are working on the Web-of-
> Trust solution to the OpenPGP
> for HTTP Bootstrapping issue, and we discovered that --throw-keyids
> would be great as a simple
> counter-measure against traffic analysis.
Emphasis on 'simple', though. Hidden keyids do work, but read http://www.imc.org/ietf-openpgp/mail-archive/msg10923.html
for one potential gotcha and workaround.
More information about the Gnupg-devel