No Hidden-Recipient support in GPGME?

Bernhard Reiter bernhard at
Mon Sep 1 14:27:13 CEST 2008

On Thursday 28 August 2008 14:59, David Shaw wrote:
> On Aug 28, 2008, at 8:26 AM, Arturo 'Buanzo' Busleiman wrote:
> > Werner Koch wrote:
> >> What we could add far easier is an encryption flags which sets the
> >> --throw-keyid option of gpg and thus all recipients would be hidden.
> >
> > That would work too! Jacob Appelbaum and I are working on the Web-of-
> > Trust solution to the OpenPGP
> > for HTTP Bootstrapping issue, and we discovered that --throw-keyids  
> > would be great as a simple
> > counter-measure against traffic analysis.
> Emphasis on 'simple', though.  Hidden keyids do work, but read
> for one
> potential gotcha and workaround.

To me understanding, using a blind carbon copy on emails requires
the email application to send out several versions of the email:
1) encrypted to all visible recipients
n invisible recipients*) encrypted to all visible recipients and one out of n 


Managing Director - Owner:       (Free Software Company)
Germany Coordinator: Coordinator:
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 1603 bytes
Desc: not available
URL: </pipermail/attachments/20080901/bf94d6d3/attachment.bin>

More information about the Gnupg-devel mailing list