Double encryption ??
Michael Nahrath
macgpg-users@nahrath.de
Tue Apr 8 11:42:24 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Oliver Hankeln <oliver@hankeln-online.de> schrieb am 2003-04-05 14:14:
> a friend of mine and me were just starting using GPG.
> He encrypted a text for me an sent it to me. I was able to decrypt it.
> BUT: He was also able to decrypt the encrypted message with his own
> secret key.
He should check his ~/.gnupg/gpg.conf file (or ~/.gnupg/options if he is
running an older version of GPG) for the entries
default-recipient-self or
default-recipient $MY_KEY_ID
Usually you _want_ to be able to decrypt messages you encypted to someone
else's key yourself.
To prevent this you may try the option '--no-default-recipient' on the
command-line or uncomment the lines in the config file.
> The only reason why this could happen as seen by us is that the text has
> been encrypted twice - with my and with his public key.
Probably it was encypted only once, but for the two keys.
> We just want to be sure we didn=B4t make any mistakes. Is our assumption
> right?
I guess, the --default-recipient-self may be a default option in your GPG
installation. So I don't see any mistakes on your side.
Greeting, Michi
-----BEGIN PGP SIGNATURE-----
Comment: http://www.biglumber.com/x/web?qs=3D0x9A4C704C
iEYEARECAAYFAj6Rd5sACgkQ19dRf5pMcEyQIQCbBQDRz2pzDx2QUt5d0n7lVsJD
QVAAoLh6Yw/zHxINBW0fKZV95SninCsp
=3DQk/W
-----END PGP SIGNATURE-----