Questions about --throw-keyids
Bjarni Runar Einarsson
bre at pagekite.net
Mon Feb 13 12:41:51 CET 2017
-----BEGIN PGP SIGNED MESSAGE-----
Context: I am trying to figure out how much visible metadata I
can remove from an encrypted e-mail before it becomes completely
Step one: stripping stuff from the message headers is relatively
easy; minimal messages with all recipients in BCC are easy to
create (yes, I know the SMTP envelope and SMTP logs still have
the data - this is minimization of metadata, not eliminiation).
Step two: Encrypt using gpg --throw-keyids.
This is easy on the sender's end, but whether this feature can be
used as a matter of course depends on how it impacts the
experience of the recipient. This is where I have some questions
and could use some guidance. Please feel free to correct me if
I've gotten things wrong!
(For those unfamiliar with --throw-keyids: it creates an
encrypted message without any indicators as to which keys it is
encrypted to - so the recipient has to "guess" - in practice
GnuPG will try multiple secret keys until one works or it runs
out of options.)
Using GnuPG 1.4.20 to decrypt, there appears to be a problem
where it only asks for one passphrase even if it is checking many
keys. So the user has to guess which passphrase to provide and
won't be asked again.
Using GnuPG 2.1.11 to decrypt, I do get multiple passphrase
prompts (one per key/subkey), but it doesn't seem to ask me about
expired keys. I am guessing this was a usability trade-off, so
long-time users of GnuPG don't have to answer dozens of
passphrase prompts when decrypting.
* Am I understanding the GnuPG 1.4 behaviour correctly? Is there a recommended workaround?
* Will GnuPG 2.1.11 attempt to decrypt using an expired key if the message is old, or will old messages just become (effectively) inaccessible over time as keys expire?
* Are the above behaviours different when using GnuPG non-interactively?
* Can the caller influence these behaviours in any way? For example, can I force GnuPG to only try one specific key so my application can manage the experience and experiment with other "guessing" strategies?
* How does GnuPG 2.0 behave?
* Roughly when did the behaviour change between 1.4 and 2.1.11?
Thanks in advance for any and all answers. :-)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
-----END PGP SIGNATURE-----
More information about the Gnupg-users