Should always add myself as recipient when encrypting?

vedaal at nym.hush.com vedaal at nym.hush.com
Mon Mar 21 21:19:12 CET 2016



On 3/21/2016 at 3:04 PM, "Werner Koch" <wk at gnupg.org> wrote:

On Mon, 21 Mar 2016 10:44, paolo.bolzoni.brown at gmail.com said:

> myself as recipient when encrypting a file, of course, in addition of
> the real recipient.

That allows you to delete the plaintext while still being able to get it
back.

> Is there a reason not to?

If you want to send an anonymous message it is better not to encrypt to
an additional key.  It is also smart not to use a wildcard
(--throw-keyid) for your own key so that in case your secret key leaks
it won't be possible to show that the message has also been encrypted to
you.

=====

A simple workaround to accomplish this is to additionally symmetrically encrypt the message.

Use the session key from a message encrypted only to your secret key, as the passphrase for the additionally symmetrically encrypted message.

(AFAIK, there is minimal danger in continuing to use this passphrase for additional symmetrical messages.)

It will allow decryption of sent messages, while providing anonymity.


vedaal
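
The workaround described in this message, sketched as shell functions; this is an added example, not part of the original post and not GnuPG's own documentation. The function names, the file arguments and the sample status text are constructed, and combining `--symmetric` with `--encrypt` in one call is one reading of "additionally symmetrically encrypt".

```shell
#!/bin/sh
# Added illustration; function names and sample data are hypothetical.

# Constructed sample of what gpg prints on stderr with --show-session-key.
SAMPLE_STDERR="gpg: encrypted with 2048-bit RSA key, ID 0000000000000000, created 2016-01-01
gpg: session key: '9:00112233445566778899AABBCCDDEEFF00112233445566778899AABBCCDDEEFF'"

# Pull "algo:hex" out of the session-key line, whatever quote style is used.
extract_session_key() {
    sed -n 's/^gpg: session key: [^0-9]*\([0-9][0-9]*:[0-9A-Fa-f][0-9A-Fa-f]*\).*$/\1/p' |
        head -n 1
}

# Step 1: take a file that was encrypted only to your own key and read
# back its session key. LC_ALL=C keeps the status text untranslated;
# stderr goes to the pipe, the decrypted plaintext is discarded.
session_key_of() {  # $1 = file encrypted to self
    LC_ALL=C gpg --show-session-key --decrypt "$1" 2>&1 >/dev/null |
        extract_session_key
}

# Step 2: encrypt to the real recipient with key IDs hidden, and also to
# a passphrase (the session key). The passphrase is fed on stdin so it
# never appears in the process argument list.
encrypt_anon_with_copy() {  # $1 = session key, $2 = recipient, $3 = in, $4 = out
    printf '%s' "$1" |
        gpg --batch --pinentry-mode loopback --passphrase-fd 0 \
            --symmetric --encrypt --throw-keyids --recipient "$2" \
            --output "$4" "$3"
}

# Step 3 (later): recover a sent message. Re-derive the passphrase from
# the self-encrypted file, skip the hidden public-key packet, and
# decrypt through the symmetric packet only.
recover_sent() {  # $1 = file encrypted to self, $2 = sent message
    key=$(session_key_of "$1")
    [ -n "$key" ] || { echo "no session key found in $1" >&2; return 1; }
    printf '%s' "$key" |
        gpg --batch --pinentry-mode loopback --passphrase-fd 0 \
            --skip-hidden-recipients --decrypt "$2"
}
```
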