now is the time to forget the whimpering child, become the warrior
8.3.1. Encrypting a message
To encrypt a message, select the option Encrypt Message before sending, and make sure the key icon in the lower right corner is lit. It is common practice to also sign a message you're encrypting.
To send an encrypted message to someone, you need to have his public key. If you have it, the key is automatically selected: Enigmail searches your keyring and selects the public key that has an user ID that matches the recipient's address. (Note: If you have set per-recipient rules, these will be looked up first. You will learn about per-recipient rules in Section 8.6.)
This is done for each recipient. Recipient addresses are all those specified in the mail headers To:, Cc:, and Bcc:.
Additionally, the message is also automatically encrypted with your own public key, to allow you to read (from the Sent folder) the messages you sent. This setting is regulated by the option OpenPGP → Preferences → Sending → Add my own key to the recipients list, and we recommend you leave this option checked.
As you see, this is pretty straightforward. But what happens if Enigmail is unable to select a public key for a recipient, for instance because you don't have it? In this case, Enigmail pops up the Key Selection window to ask you to select the key(s) by hand:
In the figure, I was trying to send an encrypted email to cryptoguy@domain.org, which let's imagine is set as an alias and forwards all mails to jrandomhacker@example.com. In this case, I would select John Random Hacker's public key, as shown in the figure, and click Ok. The message would then be sent to cryptoguy@domain.org encrypted with John Random Hacker's public key.
If I had to send mail to cryptoguy@domain.org often, it would be worth creating a per-recipient rule that says “Encrypt all mail that is sent to the address cryptoguy@domain.org with the public key associated with address jrandomhacker@example.com”. This can be done directly from the Key Selection window by clicking the Create per-recipient rule(s) button.
Alternatively, if John Random Hacker intends to use often his alias address, he should add the user ID cryptoguy@domain.org to his public key, and redistribute the updated key.
As you have learnt, a message can be encrypted with more than one public key.
In fact, it is usually encrypted with at least two public keys: yours (to let you be able to read a copy of the message) and the recipient's.
To be more precise, OpenPGP uses hybrid encryption. First it generates a random session key, and encrypts the message with the session key using a symmetric algorithm; then, for each intended recipient, it encrypts the session key with the recipient's public key and adds each encrypted session key to the encrypted message. It then builds an OpenPGP block, which includes an header containing the key IDs and user IDs of any public key the message has been encrypted with. Each recipient then receives the same OpenPGP block.
As a consequence, it is not possible to send to multiple recipients a message that is encrypted for some recipients and unencrypted for others. The message is sent out either encrypted or unencrypted for the whole list of recipients.
That being stated, you should not send encrypted messages to Bcc: recipients, because from the OpenPGP block each recipient is able to tell the identities of the others – hence thwarting the purpose of the Bcc: field. While Enigmail is able to do some workaround to hide the Bcc: recipients from the header, as a side-effect this could block users of other products (e.g. PGP Corp.) from being able to decrypt the message.