On 23/11/16 18:54, Carola Grunwald wrote: > Which relevant information does the single Received: header, describing > the recipient MTA's interaction with the exit remailer, leak?
If you sign the data just before the interaction, the signature time and the time noted in the Received:-header are virtually identical, so the signature time doesn't leak data. > Not real-time Tor but remailers providing latency. You got it. > [...] > You can send your PGP message to and fro around the world through > as many servers as you like hiding all your traces thus removing sender > metadata. With TLS you can't. I think other people were thinking you wanted to use regular mail transports in combination with your OpenPGP layer. Thus, only very few MTA's would be involved and they would all be under the administration of either the sending, or the receiving party. That is, the exact two parties who have access to the private keys in the scheme you proposed. Hence the noted similarity. HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at <http://digitalbrains.com/2012/openpgp-key-peter> _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
