On Apr 27, 2009, at 7:04 AM, Harakiri wrote:
I'm not sure if Enigmail has sufficient control
here (due to the
Thunderbird restrictions), but if possible, it might
be wise to handle
Bcc's recipients with --hidden-recipient instead
of --recipient (i.e.
"-r"). That would better duplicate the
standard expectations of a
user using Bcc: the regular recipients can all see who
the recipients
are, but not the Bcc'd people. As things stand
now, any recipient can
see who was Bcc'd, which sort of removes the
"B" from the Bcc.
Excellent suggestion, David. Thank you.
Filed as an RFE in Bugzilla:
https://www.mozdev.org/bugs/show_bug.cgi?id=20867
Bad idea, read my comment on the bug - what good is a setting when
you can only communicate with people which use GPG - and the other
80% which use PGP Desktop cant decrypt your message?
I don't think I was nearly clear enough. My thought is that since the
current Bcc doesn't actually give you Bcc - it's essentially a Cc (non-
blind), it might be better to --hidden-recipient those on the Bcc
line. Completely true that it means that PGP users can't be the Bcc
people, but it is not at all true that it blocks all PGP users. PGP
quite happily ignores hidden recipients, as per the RFC (it isn't
required to implement them, but it is required to not blow up when it
sees them).
Sure, PGP people don't benefit from the Bcc... but they don't benefit
now either. At least this allows for someone to benefit, rather than
nobody.
I don't think this really lets you get rid of the warning message from
Enigmail, though. The user may not know if a given user is using PGP
or GPG, and needs to be warned that a PGP user on the Bcc line won't
be able to decrypt.
David
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
