--encrypt-to usage

Robert J. Hansen rjh at sixdemonbag.org
Sat Apr 25 15:45:27 CEST 2009

Matthew Krotzer wrote:
> 	I've recently started using Gnupg and public key encryption
> 	in general. In my research I believe I've read that the
> 	--encrypt-to option is a bad idea because it creates another
> 	option for an attacker. If the attacker has either key,
> 	then they can decode what was sent to the recipient.

There is a lot of very bad advice out there.  This idea is an example of it.

The more people who know a secret, the more likely it is that secret
will get out.  That's a weakness in human beings, not a weakness in the

So long as you trust that your correspondents are using GnuPG safely and
correctly, and you trust they're not working with your enemies, use
--encrypt-to with confidence.

More information about the Gnupg-users mailing list