
[tor-talk] What about GnuPG's --hidden-recipient option as default for torbirdy?



Hi,

I was thinking whether it could be a good idea to have the
  --hidden-recipient
option for GnuPG set in torbirdy by default? (if at all possible [*])

`man gpg2' says
--hidden-recipient name

-R     Encrypt for user ID name, but hide the key  ID  of  this  user's
       key.  This  option helps to hide the receiver of the message and
       is a limited countermeasure against traffic  analysis.  If  this
       option  or --recipient is not specified, GnuPG asks for the user
       ID unless --default-recipient is given.


I don't see why I should write the key used for encryption on the
envelope.. "They" already have the email address as "meta-data", so
there's no need to tell them which key was used.

Use cases:
- I have a key with some UIDs, but the key is used for other email
accounts, too, that are not publicly linked to the key. Then, I could
tell a good friend to use this email address (e.g. an address that makes
it difficult to guess who I am) with my key.
- I send someone an email but want to have the possibility to say that
the message was meant for someone else and I just confused the email
addresses (ok.. this is a weak argument)


When using the CLI and encrypting a normal file, the recipient/decrypter
gets
$ gpg -a -t --encrypt -R 0x<KEYID> -o secret_message
hello world
$ gpg  -o - secret_message
gpg: anonymous recipient; trying secret key <OTHER KEYID> ...
# passphrase for the default secret key asked
gpg: anonymous recipient; trying secret key <KEYID> ...
gpg: okay, we are the anonymous recipient.
gpg: encrypted with RSA key, ID 00000000
# plaintext secret message: hello world

the two secret keys tried are my signing/encryption subkeys. I assume
that someone with more secret keys with different passphrases will be
asked for pinentry some more times. That could be annoying if you have
plenty of keys...


[*] EDIT
After I added the switch to the Enigmail options, sending the email
failed because Enigmail added the '-R' too early
enigmail> /usr/bin/gpg2 --charset utf-8 --display-charset utf-8
--no-emit-version --no-comments --display-charset utf-8
--keyserver-options
no-auto-key-retrieve,no-try-dns-srv,http-proxy=socks5h://127.0.0.1:9050
-R --batch --no-tty --status-fd 2 -a -t --encrypt -r 0x<KEYID> -u 0x<KEYID>

so maybe this is not an issue that can be solved from within torbirdy :(

cheers!
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
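The difference the post describes (the "anonymous recipient" that gpg reports as key ID 00000000) is visible in the OpenPGP message itself: every Public-Key Encrypted Session Key packet carries an 8-octet Key ID, and RFC 4880 §5.1 lets an encrypter write all zeros there as a wildcard, which is what --hidden-recipient does. The following is an added example, not code from the post, torbirdy, Enigmail or GnuPG: a small parser that walks the packets of a binary OpenPGP message and reports, for each PKESK packet, which recipient Key ID is on the "envelope" and whether it is the hidden-recipient wildcard. The sample message is constructed inline (the key ID 0123456789ABCDEF, the session-key MPI and the trailing "encrypted data" bytes are made up for the demonstration, not real ciphertext), so it runs offline; on real output you would feed it the binary message, i.e. what gpg writes without -a or after `gpg --dearmor`. Note also that `-R` takes a name argument; in the Enigmail command line quoted above it is followed by `--batch`, which is why gpg rejected that invocation.

```python
import struct

# RFC 4880 §5.1: an all-zero Key ID in a PKESK packet is a wildcard, i.e. a hidden recipient.
WILDCARD_KEY_ID = b"\x00" * 8
PKESK_TAG = 1   # Public-Key Encrypted Session Key packet
SEIPD_TAG = 18  # Symmetrically Encrypted Integrity Protected Data packet


def _read_packet(data, pos):
    """Parse one OpenPGP packet header at data[pos]; return (tag, body, next_pos)."""
    ctb = data[pos]
    if not ctb & 0x80:
        raise ValueError("not an OpenPGP packet header at offset %d" % pos)
    pos += 1
    if ctb & 0x40:  # new-format header (RFC 4880 §4.2.2)
        tag = ctb & 0x3F
        first = data[pos]
        pos += 1
        if first < 192:
            length = first
        elif first < 224:
            length = ((first - 192) << 8) + data[pos] + 192
            pos += 1
        elif first == 255:
            length = struct.unpack(">I", data[pos:pos + 4])[0]
            pos += 4
        else:
            raise ValueError("partial body lengths are not supported by this parser")
    else:  # old-format header (RFC 4880 §4.2.1)
        tag = (ctb >> 2) & 0x0F
        ltype = ctb & 0x03
        if ltype == 3:
            raise ValueError("indeterminate-length packets are not supported by this parser")
        nbytes = (1, 2, 4)[ltype]
        length = int.from_bytes(data[pos:pos + nbytes], "big")
        pos += nbytes
    body = data[pos:pos + length]
    if len(body) != length:
        raise ValueError("truncated packet")
    return tag, body, pos + length


def iter_packets(data):
    """Yield (tag, body) for each packet in a binary OpenPGP message."""
    pos = 0
    while pos < len(data):
        tag, body, pos = _read_packet(data, pos)
        yield tag, body


def pkesk_recipients(data):
    """Return [(key_id_hex, hidden)] for every PKESK packet in the message.

    hidden is True when the Key ID is the all-zero wildcard, which is what
    gpg writes for --hidden-recipient / -R and later reports as 'anonymous recipient'.
    """
    out = []
    for tag, body in iter_packets(data):
        if tag != PKESK_TAG:
            continue
        if body[0] != 3:
            raise ValueError("unsupported PKESK version %d" % body[0])
        key_id = body[1:9]  # version(1) | key id(8) | pk algo(1) | MPIs
        out.append((key_id.hex().upper(), key_id == WILDCARD_KEY_ID))
    return out


def build_pkesk(key_id, pk_algo=1, session_key_mpi=b"\x00\x08\xAB"):
    """Constructed PKESK packet (old-format header, one-byte length) for the demo.

    The MPI is a dummy 8-bit value, not a real RSA-encrypted session key.
    """
    body = b"\x03" + key_id + bytes([pk_algo]) + session_key_mpi
    return bytes([0x80 | (PKESK_TAG << 2) | 0, len(body)]) + body


def demo_message():
    """Constructed message: one ordinary recipient, one hidden recipient, then dummy data."""
    visible_key_id = bytes.fromhex("0123456789ABCDEF")       # made-up key ID
    encrypted_payload = b"\x01" + b"\xEE" * 15                # not real ciphertext
    seipd = bytes([0xC0 | SEIPD_TAG, len(encrypted_payload)]) + encrypted_payload
    return build_pkesk(visible_key_id) + build_pkesk(WILDCARD_KEY_ID) + seipd


if __name__ == "__main__":
    for key_id, hidden in pkesk_recipients(demo_message()):
        print("recipient key ID %s -> %s" % (key_id, "hidden (wildcard)" if hidden else "exposed"))
```

The same inspection on a real file is `gpg --list-packets secret_message`, which prints a `keyid 0000000000000000` line for a hidden recipient and the real key ID for a `-r` recipient; the parser above just makes explicit which bytes that judgement rests on. Encrypting with `-r` for one key and `-R` for another in a single message still exposes the first recipient, so hiding is only as complete as the least-hidden recipient on the envelope.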