[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Chosen-ciphertext attack on receiver anonymity

On Mon,  4 Jul 2005 16:59:00 -0700 (PDT), "Hal Finney" said:

> Given the weak level of anonymity it affords, perhaps the zero keyid
> feature is misleading to users?  If so, should we consider deprecating
> it until we are willing to do the work necessary to do the job right?

For one recipient it is actually a valuable feature.  MTAs using this
to hide BCC messages are of course not using it proper - they need to
send several messages.

> Or we could at least put a note in the RFC emphasizing that this feature
> does not provide strong anonymity and should not be relied upon for
> that purpose.

A word on that there are problems when used with more than one
recipient would be good.  However, the wild card keyID is an OpenPGP
feature and how it it used is more a matter of the actual
implemention.  I'll add a warning to gpg's man page.