Matthew Krotzer wrote: > I've recently started using Gnupg and public key encryption > in general. In my research I believe I've read that the > --encrypt-to option is a bad idea because it creates another > option for an attacker. If the attacker has either key, > then they can decode what was sent to the recipient.
There is a lot of very bad advice out there. This idea is an example of it. The more people who know a secret, the more likely it is that secret will get out. That's a weakness in human beings, not a weakness in the cryptosystem. So long as you trust that your correspondents are using GnuPG safely and correctly, and you trust they're not working with your enemies, use --encrypt-to with confidence. _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
