-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi folks,
Context: I am trying to figure out how much visible metadata I can remove from an encrypted e-mail before it becomes completely unusable. Step one: stripping stuff from the message headers is relatively easy; minimal messages with all recipients in BCC are easy to create (yes, I know the SMTP envelope and SMTP logs still have the data - this is minimization of metadata, not eliminiation). Step two: Encrypt using gpg --throw-keyids. This is easy on the sender's end, but whether this feature can be used as a matter of course depends on how it impacts the experience of the recipient. This is where I have some questions and could use some guidance. Please feel free to correct me if I've gotten things wrong! (For those unfamiliar with --throw-keyids: it creates an encrypted message without any indicators as to which keys it is encrypted to - so the recipient has to "guess" - in practice GnuPG will try multiple secret keys until one works or it runs out of options.) Using GnuPG 1.4.20 to decrypt, there appears to be a problem where it only asks for one passphrase even if it is checking many keys. So the user has to guess which passphrase to provide and won't be asked again. Using GnuPG 2.1.11 to decrypt, I do get multiple passphrase prompts (one per key/subkey), but it doesn't seem to ask me about expired keys. I am guessing this was a usability trade-off, so long-time users of GnuPG don't have to answer dozens of passphrase prompts when decrypting. My questions: * Am I understanding the GnuPG 1.4 behaviour correctly? Is there a recommended workaround? * Will GnuPG 2.1.11 attempt to decrypt using an expired key if the message is old, or will old messages just become (effectively) inaccessible over time as keys expire? * Are the above behaviours different when using GnuPG non-interactively? * Can the caller influence these behaviours in any way? For example, can I force GnuPG to only try one specific key so my application can manage the experience and experiment with other "guessing" strategies? * How does GnuPG 2.0 behave? * Roughly when did the behaviour change between 1.4 and 2.1.11? Thanks in advance for any and all answers. :-) Cheers, - Bjarni -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBAgAGBQJYoZuHAAoJEI4ANxYAz5SRFHUH/A/TuJEusZMZ9an3ZFMT61Mi qLInlvqKkx4JXQ4A7gtwMhgjj4t3YMSq6n/VKzeSjUkGdnXdyJJ5JwxHtymV7ob8 3S+WGvxzipLNe94C/2Vz2OfCjaIjIQ/qjNtY96pSIodEv9/GUug3epzTSvFXQ4A3 4XM471FaI+oVbnJPsetu7Ngwn3TTSWBnO872DL0gHOmvZt9R0QyZ3YTRC3kiKYib 9F2taZ0iRpj4svvNyomiA/itayUJzjq60F5EwsNwzGU3gS3Ue0MZc8GrkVHFgTVo ZWkygfByM0S31aI6qQkXeJbRsZTLzpgPmqFqtqwieHQLETcaYawuvLUGW7GYh3U= =wVH1 -----END PGP SIGNATURE-----
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
