On Fri, Oct 25, 2013 at 5:19 AM, Tom Ritter <[email protected]> wrote:
> On 25 October 2013 03:37, Thomas Oberndörfer <[email protected]> wrote:
>>> In order to do so, we need to be able to encrypt a payload (being a file
>>> or a json blob) with multiple recipients' keys but without
>>> leaving/leaking the KeyID.
>>
>> With an OpenPGP message this can only be done by creating a separate
>> message for each recipient. But you might want to avoid symmetrically
>> encrypting the payload multiple times. There is currently no high-level API for
>> this scenario, but I think it's doable.
>
>
> Couldn't you just throw the KeyID?  That is, specify it as all 0's
> (like gpg's --throw-keyid option).  This won't hide the fact that it's
> encrypted to 6 keys, but it will hide what those Key IDs are.

This isn't very secure: the message still amounts to a proof that it
was encrypted for the given recipients.  If you suspect who they are,
now you know for sure.

Geoffrey
_______________________________________________

http://openpgpjs.org
Subscribe/unsubscribe: http://list.openpgpjs.org
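
The observation in the quoted reply, that zeroed Key IDs hide which keys were used but not how many, as an added example that is not part of the thread or of OpenPGP.js: a dependency-free Node.js walk over the session-key packets of a constructed binary message. The names `tagOf`, `readBody`, `listRecipients` and the sample bytes are this example's own; the packet layout follows RFC 4880 and only version 3 session-key packets are assumed.

```javascript
// Added example. Header and PKESK layout follow RFC 4880 (sections 4.2, 5.1).
const tagOf = (b) => {
  if ((b & 0x80) === 0) throw new Error('not an OpenPGP packet header');
  return (b & 0x40) ? (b & 0x3f) : (b & 0x3c) >> 2;
};

// Returns the packet body and the offset of the next packet.
function readBody(buf, pos) {
  const first = buf[pos++];
  let len;
  if (first & 0x40) {                        // new-format length
    const o1 = buf[pos++];
    if (o1 < 192) len = o1;
    else if (o1 < 224) len = ((o1 - 192) << 8) + buf[pos++] + 192;
    else if (o1 === 255) { len = buf.readUInt32BE(pos); pos += 4; }
    else throw new Error('partial length is not valid for an ESK packet');
  } else {                                   // old-format length type
    const lt = first & 0x03;
    if (lt === 0) len = buf[pos++];
    else if (lt === 1) { len = buf.readUInt16BE(pos); pos += 2; }
    else if (lt === 2) { len = buf.readUInt32BE(pos); pos += 4; }
    else throw new Error('indeterminate length is not expected here');
  }
  if (pos + len > buf.length) throw new Error('truncated packet');
  return { body: buf.subarray(pos, pos + len), next: pos + len };
}

// Lists what an observer can read off a binary (de-armored) message.
function listRecipients(buf) {
  const out = [];
  for (let pos = 0; pos < buf.length;) {
    const tag = tagOf(buf[pos]);
    if (tag !== 1 && tag !== 3) break;       // ESK sequence over, data follows
    const { body, next } = readBody(buf, pos);
    pos = next;
    if (tag !== 1) continue;                 // tag 3 is a passphrase ESK
    if (body.length < 10 || body[0] !== 3) throw new Error('not a v3 PKESK');
    const keyId = body.subarray(1, 9).toString('hex');
    out.push({ keyId, hidden: /^0{16}$/.test(keyId), algo: body[9] });
  }
  return out;
}

// Constructed sample: three PKESK packets (dummy session-key bytes), then tag 18.
const pkesk = (idHex) => Buffer.concat([Buffer.from([0xc1, 26, 3]),
  Buffer.from(idHex, 'hex'), Buffer.from([1]), Buffer.alloc(16, 0xaa)]);
const sample = Buffer.concat([pkesk('1122334455667788'),
  pkesk('0000000000000000'), pkesk('0000000000000000'),
  Buffer.from([0xd2, 4, 1, 0, 0, 0])]);
console.log(listRecipients(sample));
```

The result has three entries, two of them with `hidden: true`: the recipient count and the public-key algorithm stay readable even when the Key ID field is zeroed.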
