On 01/28/2014 02:35 AM, Patrick Brunschwig wrote: > gpg --list-packets <input file or stdin>
This indicates which keys the given e-mail *appears* to be encrypted to; but without the secret key material for each key, it's not possible to verify that the message is actually decryptable by that key. That is, it's possible to create a PK-ESK OpenPGP packet with a spoofed target key ID field (and it's even documented in the spec that a target key ID field of all-zeros is commonly used as a "hidden" recipient). https://tools.ietf.org/html/rfc4880#section-5.1 This is probably not surprising if you've thought about the underlying math and the way it fits into the OpenPGP protocol, but it's worth noting explicitly, lest other folks get the idea that the presence (or absence) of a key ID in a PK-ESK on a given message is some sort of guarantee that the message is decryptable (or not) by that key. --dkg
signature.asc
Description: OpenPGP digital signature
_______________________________________________ enigmail-users mailing list enigmail-users@enigmail.net https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net