When sending an encrypted message to multiple recipients, any recipient can see the total number of recipients, even if some of the key ids are missing. I think it would make sense if I could pipe an encrypted message through gpgsplit and ask it to remove all recipients except for the ones listed on the command line, so I could send multiple versions of the same message (with the same signature) to different people without them knowing the full recipient list.
gpgsplit is a debbugging tools and not intended for message mangling. I understand what you want to achieve and recall that we already had such a discussion a couple of years ago.
IIRC, the outcome was to suggest sending individual messageses instead.
As of today, it does not seem to be a good idea to add this to gpgsplit because applications using gpgme won't be able to profit from it. Given the very straightforward format of suchmessages, it seems to be easier to add such mangling direct to the MUA - after all most of them already keep a copy of the message to send and gpg can't do that as a filter program.
From: Simon Richter <Simon.Richter@hogyros.de>
To: bugs@trithemius.gnupg.org
Cc: gnupg-hackers@gnupg.org, gnats-admin@trithemius.gnupg.org,
wk@gnupg.org
Subject: Re: gnupg/421
Date: Tue, 15 Mar 2005 23:07:38 +0100
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
| gpgsplit is a debbugging tools and not intended for message mangling. |
I understand what you want to achieve and recall that we already had
such a discussion a couple of years ago.
| IIRC, the outcome was to suggest sending individual messageses instead. |
When doing that in connection with a smartcard, sending a single mail
will increment the signature counter multiple times, which may be confusing.
| As of today, it does not seem to be a good idea to add this to |
gpgsplit because applications using gpgme won't be able to profit from
it. Given the very straightforward format of suchmessages, it seems to
be easier to add such mangling direct to the MUA - after all most of
them already keep a copy of the message to send and gpg can't do that as
a filter program.
That would mean to effectively duplicate the mangling code, which may
introduce more bugs.
~ Simon
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.3.92 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iQCVAwUBQjdcp1Yr4CN7gCINAQLVHQP/ZSugzN0TK4H5eP4+qcbXjj5eGZyb7thX
b3B/uuCR1tMEHErKqJMbTX77Du0iWlPNKBnb/KWGh8vqB20mRAPmkfg0H+3SUj8i
dry6U/pXY9nNNb5cPIe5y18GHMAEuJLx48bGMLWsFPj4TjoPVjNqyykVhJCisZoa
C7gl4CUqozU=
-----END PGP SIGNATURE-----