Encryption on Mailing lists sensless?
Ingo Klöcker
kloecker at kde.org
Thu Nov 20 22:54:50 CET 2014
On Tuesday 18 November 2014 22:43:18 MFPA wrote:
> On Tuesday 18 November 2014 at 6:15:57 PM, in
> <mid:546B8CDD.5010700 at riseup.net>, Mirimir wrote:
> > As long as messages were separately encrypted to each
> > recipient, no third parties would be involved.
>
> For an email message with multiple recipients, I think most mail
> clients and OpenPGP encryption agents that I have looked at encrypt
> the message to all addressees at once. I only recall one combination
> that encrypted an individual copy for each addressee, and am not sure
> I correctly remember which it was.
KMail encrypts an individual copy for each BCC recipient. I thought
Thunderbird+Enigmail would also do this.
Any mail client not doing this completely subverts BCC (unless --throw-keyids
or --hidden-recipient is used, but even throwing the key IDs still leaks the
number of hidden recipients).
Regards,
Ingo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20141120/dccec7fb/attachment.sig>
More information about the Gnupg-users
mailing list