GPG and BCC
Nicolai Josuttis
nico at josuttis.de
Thu Apr 10 18:03:17 CEST 2014
Recently I was reading
http://crypto.stanford.edu/portia/papers/bb-bcc.pdf
However, I don't know how old this article is and whether we still have
a conceptional or concrete problem using encryption and bcc with GPG.
I also found no answer on this in the FAQ you "startpaging" (using
startpage.com) the terms.
So:
Can anybody answer/explain whether there is or might be a problem or
risk if using encryption combined with bcc addresses with GPG?
And if so, what should I do/avoid to run into this problem?
I am especially interested in an answer which helps me to understand
WHY there is or might be a/no problem.
In fact:
- Does GPG reveal the number of BCC rcipients?
- Does GPG reveal BCC identities (partially)?
If the answer depends on the browser or other components, please tell me.
The reason I ask is because for a UI to be programmed on top of GPG
I want to understand which warnings I should raise or
what I should deny
when users try to send encrypted emails also to bcc receivers.
And if there is a place discussing and answering that please tell me.
I didn't find one.
Thanks a lot.
--
Nico
More information about the Gnupg-users
mailing list