No Hidden-Recipient support in GPGME?

Bernhard Reiter bernhard at intevation.de
Mon Sep 1 14:27:13 CEST 2008


On Thursday 28 August 2008 14:59, David Shaw wrote:
> On Aug 28, 2008, at 8:26 AM, Arturo 'Buanzo' Busleiman wrote:
> > Werner Koch wrote:
> >> What we could add far easier is an encryption flags which sets the
> >> --throw-keyid option of gpg and thus all recipients would be hidden.
> >
> > That would work too! Jacob Appelbaum and I are working on the Web-of-
> > Trust solution to the OpenPGP
> > for HTTP Bootstrapping issue, and we discovered that --throw-keyids  
> > would be great as a simple
> > counter-measure against traffic analysis.
>
> Emphasis on 'simple', though.  Hidden keyids do work, but read
> http://www.imc.org/ietf-openpgp/mail-archive/msg10923.html for one
> potential gotcha and workaround.

To me understanding, using a blind carbon copy on emails requires
the email application to send out several versions of the email:
1) encrypted to all visible recipients
n invisible recipients*) encrypted to all visible recipients and one out of n 
invisible.

Bernhard

-- 
Managing Director - Owner: www.intevation.net       (Free Software Company)
Germany Coordinator: fsfeurope.org. Coordinator: www.Kolab-Konsortium.com.
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 1603 bytes
Desc: not available
URL: </pipermail/attachments/20080901/bf94d6d3/attachment.bin>


More information about the Gnupg-devel mailing list