nb.linux nb.linux at
Fri Apr 11 12:03:20 CEST 2014

p.h.delgado at
> On 04/10/2014 04:03 PM, Nicolai Josuttis wrote:
>> Recently I was reading

If the addressees aren't bored with that, you could add the
`--throw-keyids' option. For enigmail this would be the
`extensions.enigmail.agentAdditionalParam' key.

This would remove the key IDs from the message. On the other hand, the
receivers will be asked for a passphrase until a matching key (one that
can decrypt the message) is found, for every key they have.

>From the man page:
> --throw-keyids
> --no-throw-keyids
>     Do not put the recipient key IDs into encrypted  messages.  This
>     helps  to  hide  the  receivers  of the message and is a limited
>     countermeasure against traffic analysis. ([Using a little social
>     engineering  anyone who is able to decrypt the message can check
>     whether one of the other recipients is the  one  he  suspects.])
>     On  the  receiving side, it may slow down the decryption process
>     because all available secret keys must  be  tried.   --no-throw-
>     keyids disables this option. This option is essentially the same
>     as using --hidden-recipient for all recipients.


More information about the Gnupg-users mailing list