gpg - difference --encrypt-to and --recipient

Dirk Gottschalk dirk.gottschalk1980 at googlemail.com
Mon Dec 31 15:38:10 CET 2018


Hello Damien.

On Monday, 31.12.2018 at 12:45 +0000, Damien Goutte-Gattat wrote:
> On Mon, Dec 31, 2018 at 07:17:21AM +0100, Dirk Gottschalk via Gnupg-
> users wrote:
> > Yes, that's correct. Anyways, I prefer using the --hidden-recipient 
> > for this purpose. That prevents the disclosure of the communication
> > paths with pure GPG-Packet analysis.

> You do realize that, in the case of e-mail, the communication paths
> are already disclosed by the SMTP protocol (command "RCPT TO") and
> the mail headers ("From", "To", and the like), which both are outside
> the scope of OpenPGP protection?

Yes, sure I do. But referencing the command line options, I thought he
was speaking about encryption of files. In this case, it could be of
(even if small) benefit to avoid the disclosure of the path.


> Using --hidden-recipient only protects against a hypothetical attacker
> who is somehow only able to obtain the email body (the OpenPGP
> message itself) without the surrounding metadata.

That's correct. As I said, I was talking about encrypted files. If you
upload an encrypted file to a cloud service, for example, it could be a
good idea to encrypt only to hidden recipients. Security by obscurity
is not always a bad thing. ;)

Regards,
Dirk

-- 
Dirk Gottschalk
Paulusstrasse 6-8
52064 Aachen, Germany

GPG: DDCB AF8E 0132 AA54 20AB  B864 4081 0B18 1ED8 E838
Keybase.io: https://keybase.io/dgottschalk
GitHub: https://github.com/Dirk1980ac
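
Added example (not part of the original message and not GnuPG code): a small Python audit that lists the recipient key IDs readable from the Public-Key Encrypted Session Key packets of a binary OpenPGP file, which is the "pure GPG-Packet analysis" discussed above. It assumes the RFC 4880 version 3 packet layout and that a hidden recipient is written with an all-zero key ID; the helper `_pkesk` and the `SAMPLE` bytes are constructed for illustration.

```python
# Added example: which recipient key IDs does an encrypted file expose?
WILDCARD = bytes(8)  # all-zero key ID, written for a hidden recipient

def read_packets(data):
    """Yield (tag, body) per packet; stops at a partial-length data packet."""
    i = 0
    while i < len(data):
        hdr = data[i]
        if not hdr & 0x80:
            raise ValueError("not an OpenPGP packet header")
        i += 1
        if hdr & 0x40:                      # new-format header
            tag, first = hdr & 0x3F, data[i]
            if first < 192:
                length, i = first, i + 1
            elif first < 224:
                length, i = ((first - 192) << 8) + data[i + 1] + 192, i + 2
            elif first == 255:
                length, i = int.from_bytes(data[i + 1:i + 5], "big"), i + 5
            else:                           # partial body length: bulk data
                yield tag, b""
                return
        else:                               # old-format header
            tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
            if ltype == 3:                  # indeterminate: runs to the end
                length = len(data) - i
            else:
                length, i = int.from_bytes(data[i:i + (1 << ltype)], "big"), i + (1 << ltype)
        yield tag, data[i:i + length]
        i += length

def recipient_key_ids(data):
    """Return one entry per PKESK packet: hex key ID, or None if hidden."""
    ids = []
    for tag, body in read_packets(data):
        if tag == 1 and len(body) >= 10 and body[0] == 3:
            kid = body[1:9]
            ids.append(None if kid == WILDCARD else kid.hex().upper())
    return ids

def _pkesk(key_id):  # constructed packet: old-format header, v3, algo 1, dummy MPI
    body = bytes([3]) + key_id + bytes([1]) + b"\x00\x08\xff"
    return bytes([0x84, len(body)]) + body

# Constructed sample: one normal recipient, one hidden, then a data packet.
SAMPLE = _pkesk(bytes.fromhex("1122334455667788")) + _pkesk(WILDCARD) + b"\xd2\xe0\x01"

if __name__ == "__main__":
    print(recipient_key_ids(SAMPLE))
```

The input must be the binary form of the message, so ASCII-armored files need to be dearmored first. The number of entries still reveals how many recipients a file has, even when every key ID is hidden.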
