[Top] [All Lists]

Re: sender-auth and ira

2001-10-26 11:23:46


> The whole point of BCC recipients is to keep their identities from other
> recipients.  If you are going to list them, then they are readily
> exposed.  I do not think that we should introduce this leak.

Isn't this leak is somewhat similar to the possibility of having
one encryption envelope with all addresses in it?

Yes. That is why the update to the MSG specification should address BCC in the contect of EnvelopedData.


<Prev in Thread] Current Thread [Next in Thread>