Matthew Krotzer wrote:
>       I've recently started using Gnupg and public key encryption
>       in general. In my research I believe I've read that the
>       --encrypt-to option is a bad idea because it creates another
>       option for an attacker. If the attacker has either key,
>       then they can decode what was sent to the recipient.

There is a lot of very bad advice out there.  This idea is an example of it.

The more people who know a secret, the more likely it is that secret
will get out.  That's a weakness in human beings, not a weakness in the
cryptosystem.

So long as you trust that your correspondents are using GnuPG safely and
correctly, and you trust they're not working with your enemies, use
--encrypt-to with confidence.

_______________________________________________
Gnupg-users mailing list
[email protected]
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to