From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from localhost (localhost [127.0.0.1]) by arlo.cworth.org (Postfix) with ESMTP id 33A396DE01D0 for ; Sun, 4 Feb 2018 10:34:19 -0800 (PST) X-Virus-Scanned: Debian amavisd-new at cworth.org X-Spam-Flag: NO X-Spam-Score: -0.01 X-Spam-Level: X-Spam-Status: No, score=-0.01 tagged_above=-999 required=5 tests=[AWL=-0.010] autolearn=disabled Received: from arlo.cworth.org ([127.0.0.1]) by localhost (arlo.cworth.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hD0t13CVnVXf for ; Sun, 4 Feb 2018 10:34:18 -0800 (PST) Received: from che.mayfirst.org (che.mayfirst.org [162.247.75.118]) by arlo.cworth.org (Postfix) with ESMTPS id 559AA6DE0183 for ; Sun, 4 Feb 2018 10:34:18 -0800 (PST) Received: from fifthhorseman.net (ool-6c3a0662.static.optonline.net [108.58.6.98]) by che.mayfirst.org (Postfix) with ESMTPSA id 38719F99D; Sun, 4 Feb 2018 13:34:14 -0500 (EST) Received: by fifthhorseman.net (Postfix, from userid 1000) id DC77F20529; Sun, 4 Feb 2018 13:32:50 -0500 (EST) From: Daniel Kahn Gillmor To: Gaute Hope , astroidmail@googlegroups.com, notmuch@notmuchmail.org Subject: Re: Announcing Astroid v0.11 In-Reply-To: <1517765623.i18bm10e0r.astroid@strange.none> References: <1517741078.emojmmucvz.astroid@strange.none> <87y3k822b5.fsf@fifthhorseman.net> <1517765623.i18bm10e0r.astroid@strange.none> Date: Sun, 04 Feb 2018 13:32:47 -0500 Message-ID: <87mv0o1u7k.fsf@fifthhorseman.net> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" X-BeenThere: notmuch@notmuchmail.org X-Mailman-Version: 2.1.24 Precedence: list List-Id: "Use and development of the notmuch mail system." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 04 Feb 2018 18:34:19 -0000 --=-=-= Content-Type: text/plain Content-Transfer-Encoding: quoted-printable On Sun 2018-02-04 18:52:22 +0100, Gaute Hope wrote: > This is done to hide Bcc-recipients. sure, but i'm wondering why you throw *all* keyids, instead of only the key-ids of the bcc'ed people? > As you say, GnuPG must try all the secret keys; but many=20 > users use some sort of keyring to unlock their keys - in which case=20 > the hassle is limited to a bit extra time. I don't have any stats on=20 > this though! right, but the sender can't know whether this is the case or not, i think. fwiw, i do agree with you that the onus is ultimately on the recipient's MUA to fix this UI/UX disaster; but why force it on them in the case where it doesn't actually eliminate any metadata leakage? (i.e., when they're in To: or Cc: already, and not Bcc'ed) --dkg --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEzicvlOwymaWlnoHjyu+ogyFnUzMFAlp3Uc8ACgkQyu+ogyFn UzNCEg/7BS3iov1uxluuJ2xxBR9gW6vQa7bXvIjy5sz4StGramwCC+idzkiGBfEK aAuim3Zw2rCsfGKsjDkr65/0ovnCVzzvh57+G1MIpgD6MG0SK12mHdaXwwyFE22t ogTwmFJ/ZC7Gq18t/AJOEIMUKYX86CiAS6hRKMqEuMZDoTgfm8d1sav8bSC+rK+/ zDQQVavQ7/OwS3f9j/Z2KyUcqYJ86tO/JWhSL2hiv5SBe9LP+fO/CWx+3C2K7Gt0 Gx+PFWrbBdK6GnuPDtRG+Adj6NPZ6YA9qxwlBo74UoDehOOFt9TtAPPQkVzwY0LD ZVBkV+zX8icJQsG10GAruLJrYPSckxNK+CP6msrtxK15G+OUXPmoGouq4Q0Byrpf ZpN8thYO71R6239rb2ptNEkB5GnYmN+RxU/1UuJSfl3ggSNCJqI7jtBXV6WbvilR lAjsKUkB/nV149rEZMx052zC5Z97Jd0nbN4RL9kSBow2EuIKOiA9iIISZoBcZ77p ONSVhogFyTNdyyImklvMnYgI+s5Hn83L08C23kEZhLbwdy6jeYInprrPPrEl8cXo AlFm1lg1vZGCKzQPljdQcRk0tTRbsTD2dHRsE/U9JX2zMdhnflWagP/VKZavcZw/ D/31aWiPZLx+bmT5Zi3kUbz9Ptqp/SeNA/kMUZwIfAqkp+gnB8Y= =n59s -----END PGP SIGNATURE----- --=-=-=--