Implications of a common private keys directory in 2.1

Carola Grunwald caro at
Thu Nov 24 00:25:52 CET 2016

Peter Lebbing <peter at> wrote:

>On 23/11/16 18:54, Carola Grunwald wrote:
>> Which relevant information does the single Received: header, describing
>> the recipient MTA's interaction with the exit remailer, leak?
>If you sign the data just before the interaction, the signature time and
>the time noted in the Received:-header are virtually identical, so the
>signature time doesn't leak data.

No, that isn't correct. Dependent on the length of the remailer chain
and the individual latency of the involved hops there may be hours, even
days between the signing process at the sender and the final message
transfer from the exit remailer to the recipient's MTA. And you have to
be aware that at each hop the message envelope (including some Received:
header line) is completely removed and replaced by nothing but the next
hop's address.

>> Not real-time Tor but remailers providing latency. You got it.
>> [...]
>> You can send your PGP message to and fro around the world through
>> as many servers as you like hiding all your traces thus removing sender
>> metadata. With TLS you can't.
>I think other people were thinking you wanted to use regular mail
>transports in combination with your OpenPGP layer. Thus, only very few
>MTA's would be involved and they would all be under the administration
>of either the sending, or the receiving party. That is, the exact two
>parties who have access to the private keys in the scheme you proposed.
>Hence the noted similarity.

Different from TLS with my PGP layer solution it doesn't matter how many
MTAs are involved in the delivery process and how long that takes.

Kind regards


More information about the Gnupg-users mailing list