[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: sender-auth and ira

To: Peter Sylvester <Peter.Sylvester@xxxxxxxxxx>
Subject: Re: sender-auth and ira
From: "Housley, Russ" <rhousley@xxxxxxxxxxxxxxx>
Date: Fri, 26 Oct 2001 14:20:44 -0400
Cc: ietf-smime@xxxxxxx
In-reply-to: <>
List-archive: <http://www.imc.org/ietf-smime/mail-archive/>
List-id: <ietf-smime.imc.org>
List-unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe>
Sender: owner-ietf-smime@xxxxxxxxxxxx

Peter:

> The whole point of BCC recipients is to keep their identities from other
> recipients.  If you are going to list them, then they are readily
> exposed.  I do not think that we should introduce this leak.

Isn't this leak is somewhat similar to the possibility of having
one encryption envelope with all addresses in it?

Yes. That is why the update to the MSG specification should address BCC in the contect of EnvelopedData.

Russ

References:
- Re: sender-auth and ira
  - From: Peter Sylvester

Prev by Date: Re: sender-auth and ira
Next by Date: RE: sender-auth and ira
Previous by thread: Re: sender-auth and ira
Next by thread: RE: sender-auth and ira
Index(es):
- Date
- Thread