1996-03-12 - Re: PGP reveals the key ID of the recipient of encrypted msg
Header Data
From: “Mark M.” <markm@voicenet.com>
To: cypherpunks@toad.com
Message Hash: e4bd4d03ca6e77b56517b1a56941e02efb8923e4802faa2f3999291331584942
Message ID: <Pine.LNX.3.91.960311155124.214B-100000@gak>
Reply To: <199603110740.IAA06254@storm.certix.fr>
UTC Datetime: 1996-03-12 07:50:08 UTC
Raw Date: Tue, 12 Mar 1996 15:50:08 +0800
Raw message
From: "Mark M." <markm@voicenet.com>
Date: Tue, 12 Mar 1996 15:50:08 +0800
To: cypherpunks@toad.com
Subject: Re: PGP reveals the key ID of the recipient of encrypted msg
In-Reply-To: <199603110740.IAA06254@storm.certix.fr>
Message-ID: <Pine.LNX.3.91.960311155124.214B-100000@gak>
MIME-Version: 1.0
Content-Type: text/plain
-----BEGIN PGP SIGNED MESSAGE-----
On Mon, 11 Mar 1996 savron@world-net.sct.fr wrote:
> I began testing PGP a few days ago ( I'm a PGP newbie ) and I found
> that it gives out the key ID of an encrypted message . From this you
> can get the identification of the recipient of the message , if it's
> someone who has publicaly distributed his key (keyserver , homepage
> ...) . So even if you are unable to decode the message you can find
> who is the recipient of a given message . I think this is a big
> privacy problem .
The recipient of the message is right in the "To:" header of the message.
If you anonymously remail a message, however, only the last remailer in the
chain will know to whom the message is encrypted, but the last remailer can
also just read the "To:" header. I don't find this to be a problem at all.
>
> The problem is carried along when you encrypt a message for multiple
> recipients , you get the key IDs of all the recipients and same
> problem as above . I think something like 'blind email copy' should
> be used , because the recipients don't have to know the identity of
> each other .
You could just encrypt a message to different key ID's seperately, rather than
in one pass of PGP. The would have the effect of Bcc.
- --Mark
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
markm@voicenet.com | finger -l for PGP key 0xf9b22ba5
http://www.voicenet.com/~markm/ | bd24d08e3cbb53472054fa56002258d5
"The concept of normalcy is just a conspiracy of the majority" -me
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3
Charset: noconv
iQCVAwUBMUSTJrZc+sv5siulAQHN/QP/ck5/e0+o6HFte49ht2ivN4R/xdL0r5WS
aqWSHq2CO3zxnY1ko76TQ34mA+v6oPGJ8TsfgACsRWzEOOs/8lSwZM93YOIsmrLU
obLgqu9Vgt0jS8l5AEgr82ma7yHzu03LV77jXIuOn+1Amh2uXJtVs66AO5LHbJxn
aBtSPgfCCDY=
=vp/g
-----END PGP SIGNATURE-----
Thread
Return to March 1996
- Return to “Adam Shostack <adam@lighthouse.homeport.org>”
- Return to ““Mark M.” <markm@voicenet.com>”
Return to “savron@world-net.sct.fr”
- 1996-03-11 (Mon, 11 Mar 1996 17:14:12 +0800) - PGP reveals the key ID of the recipient of encrypted msg - savron@world-net.sct.fr
- 1996-03-11 (Mon, 11 Mar 1996 23:25:54 +0800) - Re: PGP reveals the key ID of the recipient of encrypted msg - Adam Shostack <adam@lighthouse.homeport.org>
- 1996-03-12 (Tue, 12 Mar 1996 15:50:08 +0800) - Re: PGP reveals the key ID of the recipient of encrypted msg - “Mark M.” <markm@voicenet.com>