simplifying the use of --throw-keyid option
David Shaw
dshaw@jabberwocky.com
Thu Apr 3 07:22:02 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Wed, Apr 02, 2003 at 10:18:07PM -0600, David Champion wrote:
> * On 2003.04.02, in <20030403003119.GI2873@jabberwocky.com>,
> * "David Shaw" <dshaw@jabberwocky.com> wrote:
> >
> > All keys are tried until one successfully decrypts the message. In
> > the example you give, even though an earlier secret key has the same
> > passphrase, GnuPG will continue processing until it hits the right
> > key.
>
> Nonetheless, would it work out to make the -u option specify, say, the
> first key to try? It might make the operation faster, if nothing else,
> although I'm not sure how many people process messages with thrown key
> IDs in bulk. But the help text for -u suggests that this should work, so
> perhaps it's not out of scope.
Part of the point of thrown keyids is that the local user can't know
which secret key to decrypt with. They'd have to try every key
manually, which defeats the point of using -u for a speed improvement.
Even assuming the local user happens to know via whatever means which
secret key to use, unless the user has a massive number of secret keys
to try, there is no real advantage to this.
David
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2rc1 (GNU/Linux)
Comment: http://www.jabberwocky.com/david/keys.asc
iD8DBQE+i8Ud4mZch0nhy8kRAgS3AJ9ao1XXtrPePR0XxrtwhMi+NO1BYwCghZ3I
nJQkVRA/T5ASJ6C3KfR5b2c=
=Yc7e
-----END PGP SIGNATURE-----