how vulnerable is "hidden-encrypt-to"
Hauke Laging
mailinglisten at hauke-laging.de
Sat Aug 18 04:24:21 CEST 2012
Am Fr 17.08.2012, 21:05:32 schrieb auto15963931:
> In the example
> of yours it appears as though the message was encrypted to two different
> keys, one of which was hidden and the other not. Is that right?
That is right. --hidden-encrypt-to needs other recipients. But you may use
‑‑throw-keyids or --hidden-recipient instead.
> Incidentally, when I looked at your reply and noticed it was signed, I
> tried verifying the signature.
> Why is the signature failing? Thanks.
That's a bug in my MUA which is triggered by the email being encoded as ascii:
https://bugs.kde.org/show_bug.cgi?id=305171
This bug (or rather: problem) has been discovered here on the list – it occurs
almost only in English emails. I have added a non-ASCII char to my text
signature thus forcing a charset different from ascii. Thus the signature of
this email should be OK.
Hauke
--
☺
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 555 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20120818/cfa2175f/attachment.pgp>
More information about the Gnupg-users
mailing list