nb.linux: > I was thinking whether it could be a good idea to have the > --hidden-recipient > option for GnuPG set in torbirdy by default? (if at all possible [*]) > > `man gpg2' says > --hidden-recipient name > > -R Encrypt for user ID name, but hide the key ID of this user’s > key. This option helps to hide the receiver of the message and > is a limited countermeasure against traffic analysis. If this > option or --recipient is not specified, GnuPG asks for the user > ID unless --default-recipient is > [...]
Yes, what you described is a valid concern. In the previous release (0.1.1), the `--throw-keyids' option was enabled by default, which does the same thing as `--hidden-recipient' but for _all recipients_. From the man page for `--throw-keyids': "This option is essentially the same as using --hidden-recipient for all recipients." But many users complained about this [1] so it is not the default option in the latest release but you can still enable it in TorBirdy if you want to. See [2] manual for more information. [1] - https://trac.torproject.org/projects/tor/ticket/6941 [2] - https://trac.torproject.org/projects/tor/wiki/torbirdy/preferences#a-DonotputtherecipientkeyIDsintoencryptedmessages -- Sukhbir -- tor-talk mailing list - [email protected] To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
