Yes I think I can live with those characteristics of the system. Thanks for your analysis!
-Adrian -----Original Message----- From: David Shaw <[EMAIL PROTECTED]> Date: Tue, 5 Feb 2008 13:50:56 To:Adrian Thurston <[EMAIL PROTECTED]> Cc:gnupg-users@gnupg.org Subject: Re: can you see any problem with this? On Tue, Feb 05, 2008 at 01:28:08PM -0500, Adrian Thurston wrote: > My application is here: > > http://www.cs.queensu.ca/~thurston/fif/ > > I'm encrypting messages and making them publicly available over static > HTTP. Anyone who knows the right URL can grab a message and I don't want > recipients to be identifiable. > > Another issue is that the number of recipients and the size of messages > may both get very large. A single encrypted message is therefore very > attractive. In that case, doing something like this may work for you: gpg -o output.gpg -R recipient1 -R recipient2 -e thefile.txt gpgsplit output.gpg for i in *.pk_enc do cat $i *.encrypted > `echo $i | sed -e 's/\-001\.pk_enc//'` done You'll end up with a directory full of files, one per recipient, and each a valid OpenPGP message, but all of them protected via throw-keyid. I'll leave it as an exercise for the reader to determine which file goes with which recipient ;) Caveats: If Alice and Baker both get a message, and Alice knows which file Baker got, Alice can decrypt Baker's message using her own session key, thus revealing to Alice that Baker got the same message that Alice did. The "non-identifiable" feature with -R (aka throw-keyid) is only as good as throw-keyid is, which is pretty good but not perfect. You may or may not care about these caveats. David _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users