On Wed, May 12, 2010 at 02:59:44AM +0200, Joke de Buhr wrote:
> On Wednesday 12 May 2010 02:08:27 Daniel Kahn Gillmor wrote:
> > yup, i think this is a good argument for your proposed behavior. what i
> > haven't seen yet (haven't thought through yet) is what the
> > counter-arguments might be.
>
> One possible argument against it could be the increased size of the encrypted
> message. But the size of an email isn't that important nowadays and if size
> matters the user should set a compression (bzip2) algorithm within the key
> settings.

Just for the record: no, the encrypted message will not be much larger.

The way OpenPGP encryption works is that a new, random, once-only session key is generated each time you want to encrypt a message to one or more recipients; the message itself is encrypted using a symmetric algorithm, and only the session key is encrypted using the asymmetric algorithm specified by the users' OpenPGP encryption keys. Thus, only the session key (a couple of hundred bytes at most, and usually just a couple of dozen bytes) will be encrypted over and over again for each recipient's encryption key - and, in the case discussed, for each encryption subkey of each recipient's key.

Well, of course, if you're encrypting a single-byte message, the overhead might be detectable... :)

G'luck,
Peter

-- 
Peter Pentchev [email protected] [email protected] [email protected]
PGP key: http://people.FreeBSD.org/~roam/roam.key.asc
Key fingerprint 2EE7 A7A5 17FC 124C F115 C354 651E EFB0 2527 DF13
If the meanings of 'true' and 'false' were switched, then this sentence wouldn't be false.
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
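
The sizing argument in the message above, worked through as an added example (not part of the original post and not GnuPG code): it builds RFC 4880 new-format packets with constructed placeholder ciphertext, then parses them back to total the per-recipient session-key packets. It assumes 2048-bit RSA recipients and ignores the fixed overhead of the symmetric layer; `recipient_overhead` and the sequential key IDs are hypothetical names and values chosen for illustration.

```python
# Added example: packet framing follows RFC 4880; all "ciphertext" bytes are
# constructed placeholders, not real encryption output.

def new_packet(tag, body):
    """Serialize one new-format OpenPGP packet (RFC 4880, section 4.2.2)."""
    n = len(body)
    if n < 192:
        length = bytes([n])
    elif n < 8384:
        length = bytes([((n - 192) >> 8) + 192, (n - 192) & 0xFF])
    else:
        length = b"\xff" + n.to_bytes(4, "big")
    return bytes([0xC0 | tag]) + length + body

def pkesk(key_id, rsa_bits=2048):
    """Tag 1 packet: version 3, 8-byte key ID, algorithm 1 (RSA), one MPI."""
    mpi = rsa_bits.to_bytes(2, "big") + b"\x80" + bytes(rsa_bits // 8 - 1)
    return new_packet(1, b"\x03" + key_id + b"\x01" + mpi)

def parse_packets(data):
    """Yield (tag, total_bytes) per packet; definite new-format lengths only."""
    pos = 0
    while pos < len(data):
        if data[pos] & 0xC0 != 0xC0:
            raise ValueError("not a new-format packet header")
        tag = data[pos] & 0x3F
        first = int.from_bytes(data[pos + 1:pos + 2], "big")
        if first < 192:
            hlen, blen = 2, first
        elif first < 224:
            second = int.from_bytes(data[pos + 2:pos + 3], "big")
            hlen, blen = 3, ((first - 192) << 8) + second + 192
        elif first == 255:
            hlen, blen = 6, int.from_bytes(data[pos + 2:pos + 6], "big")
        else:
            raise ValueError("partial body lengths not handled here")
        if pos + hlen + blen > len(data):
            raise ValueError("truncated packet")
        yield tag, hlen + blen
        pos += hlen + blen

def recipient_overhead(message_len, recipients, rsa_bits=2048):
    """Return (bytes of session-key packets, total message bytes)."""
    msg = b"".join(pkesk(i.to_bytes(8, "big"), rsa_bits) for i in range(recipients))
    msg += new_packet(18, b"\x01" + bytes(message_len))  # tag 18: encrypted data
    sizes = list(parse_packets(msg))
    return sum(s for t, s in sizes if t == 1), sum(s for _, s in sizes)

if __name__ == "__main__":
    for n in (1, 5, 20):
        print(n, "recipients:", recipient_overhead(100_000, n))
```

The symmetric packet is emitted once regardless of the recipient count, so only the tag 1 total grows as recipients or encryption subkeys are added.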
