gpg - difference --encrypt-to and --recipient

Damien Goutte-Gattat dgouttegattat at incenp.org
Mon Dec 31 13:45:44 CET 2018


On Mon, Dec 31, 2018 at 07:17:21AM +0100, Dirk Gottschalk via Gnupg-users wrote:
> Yes, that's correct. Anyways, I prefer using the --hidden-recipient for
> this purpose. That prevents the disclosure of the communication paths
> with pure GPG-Packet analysis.

You do realize that, in the case of e-mail, the communication paths are
already disclosed by the SMTP protocol (command "RCPT TO") and the mail
headers ("From", "To", and the like), which both are outside the scope
of OpenPGP protection?

Using --hidden-recipient only protects against an hypothetic attacker
who is somehow only able to obtain the email body (the OpenPGP message
itself) without the surrounding metadata.


- Damien
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20181231/7399e0f7/attachment.sig>


More information about the Gnupg-users mailing list