key lookup strategies

Ans ans at immerda.ch
Tue Nov 30 11:23:11 CET 2010


Hi

>> I know that it uses the first key to which the pattern applies and that
>> i could force the correct lookup using -r "<oo at bar.com>" but still it
>> seems somehow strange.
> 
> As stated in the manual the default is a substring search and thus you
> get what you asked for.

Ok, i see that. But the strange thing is not that it does a substring
search. The strange thing is that, when i do "gpg --encrypt -r oo at bar"
(and "-r" apparently stands for *receipient*, not "search string") it
just picks the first match and encrypts the mail with this key.

It doesn't even say: "Warning: there were 6 matches, i'm now picking a
random (*) key from those six, even though one would fit perfectly..."
no it just silently takes one, which is quite strange as a user-experience.

You might easily end up using the wrong key if you are not particularly
careful. (or if you are using another tool to talk to gpg, which does
not quote email adresses. that's how i found out...).

cheers
ans



(*) well not random, but since i cannot influence the ordering on my
keyring there's not much difference.



More information about the Gnupg-devel mailing list