throw-keyid modification

vedaal@lok.com vedaal@lok.com
Fri Oct 25 20:17:01 2002


>Date: Fri, 25 Oct 2002 08:47:43 -0400
>From: David Shaw <dshaw@jabberwocky.com>
>To: "GnuPG Users' List" <gnupg-users@gnupg.org>
>Subject: Re: Have key ID, but can't decrypt.

>Another way to do this is the --throw-keyid option, which keeps using
>your own key for encryption, but removes the keyid so it can't be
>traced. Unfortunately, --throw-keyid acts on *all* keys used, and not
>specific ones so it would remove the keyid of the recipient as well.
>I should look at that.

>David

Disastry has this modification in 2.6.3 multi for the fake keyid commands,
where each recipient (including the default encrypt to self) can have a
fake or random id, and the 'real' recipient, the real id

{example: pgp +fake_keyid=123456789abcdef -e file sender recipient}
the message will be encrypted to the real key of the recipient,
and the 'fake key' of the sender,

gnupg will treat such an encrypted message as an ordinary one for the recipient,
but will require '--try-all-secrets' for the sender to be able to decrypt.
{requires an old v3 rsa key for experimentation, but can be generated in 
2.6.3 multi 'without idea' as the preferred recipient}

a possible modification might be to repeat the 'throw_keyid' command in
front of each recipient for the completely anonymous throw-keyid message,
and to just leave it out, before the sender's key,
for the 'modified-anonymous-sender' feature

{would love to see it,  ;)  }

with Respect,

vedaal