ietf-openpgp

Re: forwarding an encrypted message

2002-04-10 10:42:41

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

- ----- Original Message ----- 
From: <john(_dot_)dlugosz(_at_)kodak(_dot_)com>
To: <vedaal(_at_)hotmail(_dot_)com>
Cc: <ietf-openpgp(_at_)imc(_dot_)org>
Sent: Wednesday, April 10, 2002 12:01 PM
Subject: re: forwarding an encrypted message
...

What is the "throw-keyid" switch?
...

the throw-keyid switch is an option in GnuPG, and also in Disastry's
2.6.31a-multi 5, {but not available in any other PGP implementation}

the throw-keyid option allows for replacing the key id that a message was
encrypted to, with a 'blank' one, {indicating that
the sender wishes the recipients (and the sender as well, if also encrypted
to self by default) to remain anonymous}.

the recipient must try 'all secret keys', and if the appropriate secret
key is on the recipient's keyring, the message will decrypt
upon entry of the correct passphrase.
there is no other indication of which key or keys the message was encrypted
to, and the default encryption to the sender's 
key is also not detectable, even after successful decryption by the
recipient.

there is 'sort of' a way to prevent a signed message from being forwarded,
without changing any requirements, and without
any ways around it:

[1] encrypt, but do not sign, the original message,
[2] then, sign and encrypt the first encrypted message

the recipient verifies the signature, and knows that the unsigned
encrypted message was sent by the receiver and intended
for the recipient.

nothing can prevent the recipient from forwarding the 'content' of the
message,
but unless the recipient wants to decrypt in front of witnesses, there is
no other way to link the plaintext to the sender's signature.

all the best,
vedaal

-----BEGIN PGP SIGNATURE-----
Version: 6.5.8ckt   build 7      http://www.ipgpp.com/
Comment: { Acts of Kindness better the World, and protect the Soul }
Comment: KeyID: 0x6A05A0B785306D25
Comment: Fingerprint: 96A6 5F71 1C43 8423  D9AE 02FD A711 97BA

-----END PGP SIGNATURE-----