default secret key for decryption
Tue Jun 17 11:14:02 2003
CL Gilbert wrote:
> Andrew Kusnecov wrote:
> | Good day, sirs.
> | I'm using gnupg-1.2.2 and developing some automation script for my
> | needs, i.e.
> | web application wich can determine by it self person who is using it.
> | I have, for example, five (5) secret keys in secring.gpg and five
> | corresponding public keys in pubring.gpg. Can I encrypt some file for
> | some public keys (from mentioned above five keys) and indicate exactly
> | wich secret key (again, from mentioned above) gnupg should use and,
> | therefor, wich password should be used.
> Why do you have 5 secret keys? Not saying that you shouldn't, but its a
> little hard to understand your setup with multiple secret keys. Are
> they all part of different key-pairs? Are they sub-keys?
> When you encrypt to a public key, you do not need the secret key, or the
As I said before we're writing web application wich can recognise person by
whom it used to be envoked. And those keys are belong to different people. Why
they are stored together you ask? The system will have virtualy unlimited
count of users and I have no way to specify which pair of secring.gpg and
pubring.gpg to use other then direct it to "user's PGP folder" this means we
will have virtualy unlimited, as I mentioned earlier, directory tree. And more
to say, for every new user of the system we will have to introduce all present
users and for every present user - introduce new user. I mean exchange of
public pgp keys. Therefor all secret-public key-pairs are stored together -
all users are using one keyring. On other hand we (will) have an unified
management system and there are no needs to give for a user control over his
keyring or over common keyring.
Then specific situation, password for different systems/devices. One man
should have access to the password for this concrete system, other - shoul not
have access. And then, one password must be visible by two (or three, or five)
users. Apon entering to the system we have ID of user and corresponding key
and user will see only records wich were encrypted for him (encrypted using
his public key). But. For decryption we still have to present user's
passphrase (we have it because this user asked as for). And there is a problem
we are tring to solve. File encrypted for four people, man operating now in
the system is third (he appears third in the list of persons for whom file was
encrypted). How can I specify that I'm going to decrypt file using third key?