Thanks for the reply. See inline, Robert J. Hansen wrote: >> 1. Is it possible, when transporting a message from Alice to Bob, >> without holding any of their private keys, to do the following checks: >> - verify the integrity of the message and make sure it is sanitized and >> Bob can decrypt it with his private key; [SNIP] > So no. Can't do this, sorry. You can check the message format to make > sure all the packets are well-formed and make sense, but you can't do > more than that. Only the message recipient can. > >> - verify that the message was encrypted for Bob and not for anyone else >> (Alice didn't mix recipients by mistake); > > Kind of, by checking the message format. >
If I have the public key of the recipient, I should be able to tell that a message was encrypted for that public key, except I am missing the private key to decrypt it. If I can check the message format I should be able to check this as well. How would I do this with gnupg? >> 2. Is it possible to have just one key (the primary one, no subkey) with >> E flag also (S,C,E) -- I know this is not recommended but this is a >> particular use case and the risks are acknowledged. I guess gnupg will >> not allow you to do this by default, but is there any magic that can be >> done? > > Yes. > How? I tried in expert mode but didn't manage.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
