No, it is not.

Thomas Harning Jr. harningt at gmail.com
Thu Apr 28 05:12:28 CEST 2011


On Wed, Apr 27, 2011 at 4:19 PM, M.R. <makrober at gmail.com> wrote:
> For most individuals who really *need* (as opposed to those
> that do it as a matter of ideology or principle) to protect
> their communication, the need to keep confidential who is
> communicating with whom is as important as is the protection
> of the content.
...
GnuPG has a mode to handle this sort of encryption without identification...
While the default is to provide a reference for the key that is usable
to decrypt the message, you can opt to not include this information at
the cost of making the other party take a little more time to decrypt
(it has to scan all of its available keys).

If you want authentication in there as well, you'd just need to wrap
the signature inside the encrypted-body rather than around it.

An example use of this would be to send a message to a bulk mailing
list or post it on the web at a known "drop" point (preventing the
intermediate servers from knowing both parties directly) wrapped as
follows: GPG(encrypt-to-X but dont mention X, GPG(sign-with-Y(msg))

-- 
Thomas Harning Jr.
Support my wife, Jenn, as she runs her first 10k, donations
appreciated... every dollar helps!
http://www.akidagain.org/site/TR/Cincinnati5k10k2011/General?px=1127201&pg=personal&fr_id=1140



More information about the Gnupg-users mailing list