Should always add myself as recipient when ecrypting?

Viktor Dick viktordick86 at gmail.com
Mon Mar 21 20:30:07 CET 2016


On 21.03.2016 10:44, Paolo Bolzoni wrote:
> Dear list,
> 
> The subject pretty much says it all already, I am using GnuPG 2.1.11
> (with libgcrypt 1.6.5) and I was wondering if I should always add
> myself as recipient when encrypting a file, of course, in addition of
> the real recipient.
> 
> Is there a reason not to?

Hi,
I guess if you have a reason to keep a copy in your 'Sent' folder
(talking about email now) you have a reason to also encrypt to yourself.
Especially for IMAP, where all you email correspondence is synced
between multiple devices, you will not want to keep the cleartext file
only on one machine and you will not want to put the cleartext on the
server, so you will encrypt it to yourself and store the result on the
server.

One might argue that you should send a file that is only encrypted to
your recipient and store a file that is only encrypted to yourself, so
if one of you deletes his copy, the attack opportunities are also reduced.

I know that Enigmail has the option to save draft messages encrypted to
oneself, but I am not sure what it does with encrypted sent messages.

Regards,
Viktor

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20160321/783e269c/attachment-0001.sig>


More information about the Gnupg-users mailing list