Robert J. Hansen
rjh at sixdemonbag.org
Sat Apr 25 15:45:27 CEST 2009
Matthew Krotzer wrote:
> I've recently started using Gnupg and public key encryption
> in general. In my research I believe I've read that the
> --encrypt-to option is a bad idea because it creates another
> option for an attacker. If the attacker has either key,
> then they can decode what was sent to the recipient.
There is a lot of very bad advice out there. This idea is an example of it.
The more people who know a secret, the more likely it is that secret
will get out. That's a weakness in human beings, not a weakness in the
So long as you trust that your correspondents are using GnuPG safely and
correctly, and you trust they're not working with your enemies, use
--encrypt-to with confidence.
More information about the Gnupg-users