1996-03-11 - PGP reveals the key ID of the recipient of encrypted msg
Header Data
From: savron@world-net.sct.fr
To: cypherpunks@toad.com
Message Hash: d5651b468329f60d461466056b2db3e5bcf1865c94365b107b3e3b12c91fa440
Message ID: <199603110740.IAA06254@storm.certix.fr>
Reply To: N/A
UTC Datetime: 1996-03-11 09:14:12 UTC
Raw Date: Mon, 11 Mar 1996 17:14:12 +0800
Raw message
From: savron@world-net.sct.fr
Date: Mon, 11 Mar 1996 17:14:12 +0800
To: cypherpunks@toad.com
Subject: PGP reveals the key ID of the recipient of encrypted msg
Message-ID: <199603110740.IAA06254@storm.certix.fr>
MIME-Version: 1.0
Content-Type: text/plain
I began testing PGP a few days ago ( I'm a PGP newbie ) and I found
that it gives out the key ID of an encrypted message . From this you
can get the identification of the recipient of the message , if it's
someone who has publicaly distributed his key (keyserver , homepage
...) . So even if you are unable to decode the message you can find
who is the recipient of a given message . I think this is a big
privacy problem .
The problem is carried along when you encrypt a message for multiple
recipients , you get the key IDs of all the recipients and same
problem as above . I think something like 'blind email copy' should
be used , because the recipients don't have to know the identity of
each other .
Comments from long time PGPer will be welcome
Thread
Return to March 1996
- Return to “Adam Shostack <adam@lighthouse.homeport.org>”
- Return to ““Mark M.” <markm@voicenet.com>”
Return to “savron@world-net.sct.fr”
- 1996-03-11 (Mon, 11 Mar 1996 17:14:12 +0800) - PGP reveals the key ID of the recipient of encrypted msg - savron@world-net.sct.fr
- 1996-03-11 (Mon, 11 Mar 1996 23:25:54 +0800) - Re: PGP reveals the key ID of the recipient of encrypted msg - Adam Shostack <adam@lighthouse.homeport.org>
- 1996-03-12 (Tue, 12 Mar 1996 15:50:08 +0800) - Re: PGP reveals the key ID of the recipient of encrypted msg - “Mark M.” <markm@voicenet.com>