From: “Robert A. Rosenberg” <hal9001@panix.com>
To: savron@world-net.sct.fr
Message Hash: c465cad8593bb0cb10cba64e6d2556d091f696302da1bbf9dfb0ad7a884a2d47
Message ID: <v02140b06ad6a377d44bf@[165.254.158.237]>
Reply To: N/A
UTC Datetime: 1996-03-12 05:31:50 UTC
Raw Date: Tue, 12 Mar 1996 13:31:50 +0800
From: "Robert A. Rosenberg" <hal9001@panix.com>
Date: Tue, 12 Mar 1996 13:31:50 +0800
To: savron@world-net.sct.fr
Subject: Re: PGP reveals the key ID of the recipient of encrypted msg
Message-ID: <v02140b06ad6a377d44bf@[165.254.158.237]>
MIME-Version: 1.0
Content-Type: text/plain
At 2:25 3/11/96, savron@world-net.sct.fr wrote:
>I began testing PGP a few days ago ( I'm a PGP newbie ) and I found
>that it gives out the key ID of an encrypted message . From this you
>can get the identification of the recipient of the message , if it's
>someone who has publicaly distributed his key (keyserver , homepage
>...) . So even if you are unable to decode the message you can find
>who is the recipient of a given message . I think this is a big
>privacy problem .
There is little that can be done about this. There must be something in the
message to identify who it is intended to be read by. As someone else has
stated, you can always set up private keys to be used to send to you that
are different from your Public KeyID for cases where you want to hide your
identity or that of the party you are communicating with.
>The problem is carried along when you encrypt a message for multiple
>recipients , you get the key IDs of all the recipients and same
>problem as above . I think something like 'blind email copy' should
>be used , because the recipients don't have to know the identity of
>each other .
If you want to hide the recipient list, then send separate messages to each
recipient - each of which is only encrypted to that one respective
recipient.
Return to March 1996
Return to ““Robert A. Rosenberg” <hal9001@panix.com>”
1996-03-12 (Tue, 12 Mar 1996 13:31:50 +0800) - Re: PGP reveals the key ID of the recipient of encrypted msg - “Robert A. Rosenberg” <hal9001@panix.com>