On Sun 2018-02-04 18:52:22 +0100, Gaute Hope wrote: > This is done to hide Bcc-recipients.
sure, but i'm wondering why you throw *all* keyids, instead of only the key-ids of the bcc'ed people? > As you say, GnuPG must try all the secret keys; but many > users use some sort of keyring to unlock their keys - in which case > the hassle is limited to a bit extra time. I don't have any stats on > this though! right, but the sender can't know whether this is the case or not, i think. fwiw, i do agree with you that the onus is ultimately on the recipient's MUA to fix this UI/UX disaster; but why force it on them in the case where it doesn't actually eliminate any metadata leakage? (i.e., when they're in To: or Cc: already, and not Bcc'ed) --dkg
Description: PGP signature
_______________________________________________ notmuch mailing list email@example.com https://notmuchmail.org/mailman/listinfo/notmuch