Bcc, throw-keyids, and metadata hiding [was: Re: Announcing Astroid v0.11]

Gaute Hope eg at gaute.vetsj.com
Mon Feb 5 07:15:24 PST 2018


Daniel Kahn Gillmor writes on February 5, 2018 9:33:
> On Mon 2018-02-05 08:33:36 +0100, Gaute Hope wrote:
>> Yes; this seems like the ultimate approach to this problem, unless 
>> it will be possible for GPG to completely hide receivers - I am guessing 
>> this is inherently impossible? 
> 
> I'm not sure how gpg could do that -- the metadata leak of most
> recipients (To:, Cc:) is *outside* of the material that GnuPG handles,
> since GnuPG doesn't see the message headers when it's encrypting the
> body.  Maybe i'm misunderstanding you though?
> 

I mean the recipient key list in the header of the encrypted 
packet [0][1]. I assume there must be a key list entry for each receiving key 
(even though it does not need to be accurate). It would be better to 
just remove the whole table of receiving keys, than setting each of them to 0.

Regards, Gaute

[0] https://www.ietf.org/rfc/rfc4880.txt
[1] https://crypto.stackexchange.com/questions/10253/why-are-the-first-few-bytes-of-a-gpg-encryption-always-the-same


