User experience of --hidden-recipient encryption

Werner Koch wk at
Sun Jan 31 19:13:51 CET 2016

On Fri, 29 Jan 2016 19:32, bre at said:

> a) I use --hidden-recipient  

Never.  You leak the information that there is a BCC, so it is only

> b) I send them their own separate copy of the mail, encrypted only to them  

That is how all proper MUAs do it.

> How does this work in practice? Is --hidden-recipient a decent
> user experience for the recipient?

No, because you need to do trial decryption only to realize that the
sender forgot to encrypt to you ;-).  Trial decryption may even mean to
swap your cards.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gnupg-users mailing list