[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] What about GnuPG's --hidden-recipient option as default for torbirdy?

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-talk] What about GnuPG's --hidden-recipient option as default for torbirdy?
From: "nb.linux" <nb.linux@xxxxxxxxx>
Date: Tue, 17 Dec 2013 21:00:15 +0000
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 17 Dec 2013 16:41:44 -0500
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

Hi,

I was thinking whether it could be a good idea to have the
  --hidden-recipient
option for GnuPG set in torbirdy by default? (if at all possible [*])

`man gpg2' says
--hidden-recipient name

-R     Encrypt for user ID name, but hide the key  ID  of  this  userâs
       key.  This  option helps to hide the receiver of the message and
       is a limited countermeasure against traffic  analysis.  If  this
       option  or --recipient is not specified, GnuPG asks for the user
       ID unless --default-recipient is given.


I don't see why I should write the key used for encryption on the
envelope.. "They" already have the email address as "meta-data", so
there's no need to tell them which key was used.

Use cases:
- I have a key with some UIDs, but the key is used for other email
accounts, too, that are not publicly linked to the key. Then, I could
tell a good friend to use this email address (e.g. an address that makes
it difficult to guess who I am) with my key.
- I send someone an email but want to have the possibility to say that
the message was meant for someone else and I just confused the email
addresses (ok.. this is a weak argument)


When using the CLI and encrypting a normal file, the recipient/decrypter
gets
$ gpg -a -t --encrypt -R 0x<KEYID> -o secret_message
hello world
$ gpg  -o - secret_message
gpg: anonymous recipient; trying secret key <OTHER KEYID> ...
# passphrase for the default secret key asked
gpg: anonymous recipient; trying secret key <KEYID> ...
gpg: okay, we are the anonymous recipient.
gpg: encrypted with RSA key, ID 00000000
# plaintext secret message: hello world

the two secret keys tried are my signing/encryption subkeys. I assume
that someone with more secret keys with different passphrases will be
asked for pinentry some more times. That could be annoying if you have
plenty of keys...


[*] EDIT
After I added the switch to the Enigmail options, sending the email
failed because Enigmail added the '-R' too early
enigmail> /usr/bin/gpg2 --charset utf-8 --display-charset utf-8
--no-emit-version --no-comments --display-charset utf-8
--keyserver-options
no-auto-key-retrieve,no-try-dns-srv,http-proxy=socks5h://127.0.0.1:9050
-R --batch --no-tty --status-fd 2 -a -t --encrypt -r 0x<KEYID> -u 0x<KEYID>

so maybe this is not an issue that can be solved from within torbirdy :(

cheers!
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] What about GnuPG's --hidden-recipient option as default for torbirdy?
  - From: coderman
- Re: [tor-talk] What about GnuPG's --hidden-recipient option as default for torbirdy?
  - From: Sukhbir Singh

Prev by Author: Re: [tor-talk] Web browser for Android?
Next by Author: Re: [tor-talk] Avg packaged cell fullness - notice in logs
Previous by thread: Re: [tor-talk] Behind a very unkind ISP
Next by thread: Re: [tor-talk] What about GnuPG's --hidden-recipient option as default for torbirdy?
Index(es):
- Author
- Thread