On Mon 2017-02-13 06:41:51 -0500, Bjarni Runar Einarsson wrote: > Step two: Encrypt using gpg --throw-keyids. > > This is easy on the sender's end, but whether this feature can be > used as a matter of course depends on how it impacts the > experience of the recipient.
Agreed that the recipient's side is the tough part of the problem to
crack.
You don't mention gpg's --try-all-secrets, --try-secret-keys, and
--skip-hidden-recipients options, which are all attempts to provide some
guidance to gpg about how to handle these things during decryption.
Maybe you want to read up on those too?
Unfortunately, I have yet to see a functional, non-aggravating workflow
for users who have multiple secret keys who receive encrypted messages
with hidden keyIDs.
It's almost like decryption of messages with hidden keyids and
per-decryption passphrase prompting (or even confirmation) are mutually
incompatible workflows :/
I'd love to be convinced otherwise.
--dkg
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
