Version: (using KDE KDE 3.3.1) Installed from: Gentoo Packages Compiler: gcc (GCC) 3.3.4 20040623 (Gentoo Linux 3.3.4-r1, ssp-3.3.2-2, pie-8.7.6) OS: Linux Using gnupg (gpgme) and kontact of kde-3.3.1, messages are not encrypted correctly when I set a BCC to myself. Example: Message with From: David To: Alice BCC: David ..should be encrypted with the keys of both Alice and David, but only gets encrypted with David's key. Sending the same message with From: David To: Alice CC: David ..and no BCC: works prefectly. Please note that the correct key-IDs are shown to me by kontact before sending (i.e. the Keys of David and Alice), but obviously only David's is used. This leads to the sending of messages that are unwantedly not readable by the recipient (To:), but only by the sender, which can be pretty disturbing ;) I have tried this with both gnupg 1.2.6 and the software versions described in [1], no difference. This behaviour appeared after the upgrade from kde 3.3.0 to 3.3.1; it was not present before. (I also updated gpg from 1.2.4 to 1.2.6, but I don't believe this is the cause). If any other information or tests are desired, I shall be happy to provide them. [1] http://kmail.kde.org/kmail-pgpmime-howto.html
> From: David, To: Alice, BCC: David > ..should be encrypted with the keys of both Alice and David, but only gets > encrypted with David's key. That's correct. The point of BCC is that the recipients in To: and CC: do not know that the recipients in BCC are receiving the message. Having the email encrypted to the BCC recipients would defeat this. Kmail 1.6.1 solves this by sending seperately encrypted copies to the BCC recipients. (So in the above example, Alice would get the mail just encrypted to Alice and David would get the mail encrypted to Alice and David). Is it different in kontact/newer kmail?
Yes, I know about the problem of unwanted revealing of BCC recipients to others, and I have seen that KMail/kontact sends two messages. This worked perfectly until kde 3.3.0, but with 3.3.1, the message that arrives at the remote destination on the To: (i.e. Alice in the above example) is not encrypted with Alice's key at all, but only with David's. This can't be correct behavior ;)
I think this is rather major.
I can't reproduce the problem as it's described in the bug report. Therefore I think this bug is in fact a duplicate of bug 92412. If that's not the case then we need an exact description how to reproduce the problem (including a key for Alice which we can use for testing).
Thanks for your comment and for your work! I shall look into this and keep you posted. In the meantime, would it be possible that you generate a patch against the kdepim-3.3.1 tarball, so I can test if that patch makes the problem definetly go away?
OK, it seems there was a misunderstanding between me and the recipient of the messages of the type explained above I sent. So very probably, this is really a duplicate of bug 92412, as my recipient recieves empty messages for which he is required to enter his passphrase in order to view them. Belase note, however, that the messages (of the type specified in this report) I sent to him were also signed, but arrived encrypted (and empty) but unsigned with him. I would be happy to test the patch you submitted to CVS if you made a version of it against latest kdepim source tarball (3.3.1), and if that fixes the problem, I personally think this report can be closed.
*** This bug has been marked as a duplicate of 92412 ***