User experience of --hidden-recipient encryption
Werner Koch
wk at gnupg.org
Sun Jan 31 19:13:51 CET 2016
On Fri, 29 Jan 2016 19:32, bre at pagekite.net said:
> a) I use --hidden-recipient
Never. You leak the information that there is a BCC, so it is only
half-blind.
> b) I send them their own separate copy of the mail, encrypted only to them
That is how all proper MUAs do it.
> How does this work in practice? Is --hidden-recipient a decent
> user experience for the recipient?
No, because you need to do trial decryption only to realize that the
sender forgot to encrypt to you ;-). Trial decryption may even mean to
swap your cards.
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
More information about the Gnupg-users
mailing list