On 11/12/16 02:48, Carola Grunwald wrote: > Nevertheless the user has to get knowledge of such an attack, which is > why a header entry reporting the decoding status is added to the message > forwarded to the client: > > | O-Nym-Crypto: slot=19; sym=3; asym=1; esub=i; > account=myacco...@nym.mixmin.net > | O-Nym-Sig: Good signature (SHA1:[562619C278247C3B] Bananasplit Pseudonym > Server (Bananasplit Pseudonymous Email Server) <con...@nym.mixmin.net>; Sat, > 10 Dec 2016 02:25:44 +0000)
And is the message still delivered decrypted to the client? Because in that case, it seems that the only thing preventing a user from disastrously exposing the relation between two nym accounts is them noticing the mismatch in this little header in the mail. That seems like a really riskful user interface. Hopefully the message text is merely saying "Message encrypted to wrong key", right? Cheers, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at <http://digitalbrains.com/2012/openpgp-key-peter> _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
