[cryptography] LeastAuthority.com announces PRISM-proof storage service

Werner Koch wk at gnupg.org
Fri Aug 16 06:42:56 EDT 2013


On Thu, 15 Aug 2013 13:11, wasabee18 at gmail.com said:
> To: and From: headers leak the emails/identity of communicating parties,
> but it's not the only place that happens. I've never used PGP but I've used

OpenPGP allows sending messages without information on the used keys
(e.g. gpg --throw-keyids).  Folks using many secret keys need to have a
bit more patience due to the required trial decryptions.

> keywrap structure. If the email is present, it will leak even if To/From
> were protected somehow. Even if the email is not present, maybe the cert

A mail can easily be wrapped into an message/rfc822 container along with
more innocent outer headers.  This would allow to keep on using the
existing mail infrastructure.


Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.



More information about the cryptography mailing list