<html><body><span class="xfm_56603794"><br/><br/><div style="font-size:0.9em;font-style:italic;"> --- Original message ---<br/> From: "Trevor Perrin" <firstname.lastname@example.org><br/> Date: 17 August 2015, 23:29:36<br/></div>
<br/>>Bob doesn't know if he was Alice's intended recipient.
<br/>>Bob just knows Alice sent the message to someone (because she signed
it), and someone encrypted it to him.
>Trevor<br/><br/>Alice can include the Bob's (recipient) identity to message before signing, then encrypt for Bob. In this case Bob was ensure that this message was composed for Bob, not for someone other.<br/>But problem is loss of deniability after Bob disclosed his privat key (or leaks occures). The fact is Alica wrote this for Bob.<br/>There are some one-pass deniable authentication schemes (for examples, nida ) but I dont know about this with using PGP containers.<br/>Van.<br/><br/> http://torfone.org/download/nida.pdf<br/><blockquote class="xfmc1" style="border-left:1px solid rgb(204, 204, 204);margin:0px 0px 0px 0.8ex;padding-left:1ex;"><pre><br/></pre>
</blockquote> </span><img src="https://mail.ukr.net/api/public/message_read?a=gKmgv9dJOFKr1qfkfopsNCLgCdozFsvlWlxOfb3CJhSsfylJt5WL_vBmkaGOcFv9xXRtWaid46LYmeQ0bqNoDDaVaasq4wBYGVduZeMnsw==" alt="" width="1" height="1" style="visibility: hidden; width: 1px; height: 1px;"/> </body></html>