https://bugs.kde.org/show_bug.cgi?id=335117
Bug ID: 335117 Summary: Information leak when using GPG on Bcc recipients Classification: Unclassified Product: kmail2 Version: 4.12.4 Platform: Debian unstable OS: Linux Status: UNCONFIRMED Severity: normal Priority: NOR Component: crypto Assignee: kdepim-bugs@kde.org Reporter: n...@naturalnet.de When sending e-mail to several recipients, of which some are Bcc with the intention to hide them from the other recipients, using GPG leaks information about those because the used encryption keys are visible on the encrypted message. GPG has a -R option that hides the used encryption key, and this method is most likely also exposed through whatever KMail uses to run GPG. It should be used for all Bcc recipients in order to not disclose their existence! Reproducible: Always -- You are receiving this mail because: You are the assignee for the bug. _______________________________________________ Kdepim-bugs mailing list Kdepim-bugs@kde.org https://mail.kde.org/mailman/listinfo/kdepim-bugs