[tor-talk] What about GnuPG's --hidden-recipient option as default for torbirdy?

Sukhbir Singh sukhbir.in at gmail.com
Wed Dec 18 01:25:16 UTC 2013


nb.linux:

> I was thinking whether it could be a good idea to have the
>   --hidden-recipient
> option for GnuPG set in torbirdy by default? (if at all possible [*])
> 
> `man gpg2' says
> --hidden-recipient name
> 
> -R     Encrypt for user ID name, but hide the key  ID  of  this  user’s
>        key.  This  option helps to hide the receiver of the message and
>        is a limited countermeasure against traffic  analysis.  If  this
>        option  or --recipient is not specified, GnuPG asks for the user
>        ID unless --default-recipient is
> [...]

Yes, what you described is a valid concern. In the previous release
(0.1.1), the `--throw-keyids' option was enabled by default, which does
the same thing as `--hidden-recipient' but for _all recipients_. From
the man page for `--throw-keyids':

"This option is essentially the same as  using --hidden-recipient for
all recipients."

But many users complained about this [1] so it is not the default option
in the latest release but you can still enable it in TorBirdy if you
want to. See [2] manual for more information.

[1] - https://trac.torproject.org/projects/tor/ticket/6941
[2] -
https://trac.torproject.org/projects/tor/wiki/torbirdy/preferences#a-DonotputtherecipientkeyIDsintoencryptedmessages

-- 
Sukhbir


More information about the tor-talk mailing list