default secret key for decryption

Andrew Kusnecov
Tue Jun 17 11:14:02 2003

CL Gilbert wrote:
> Andrew Kusnecov wrote:
> | Good day, sirs.
> |
> | I'm using gnupg-1.2.2 and developing some automation script for my
> | needs, i.e.
> | web application wich can determine by it self person who is using it.
> |
> | I have, for example, five (5) secret keys in secring.gpg and five
> | corresponding public  keys in pubring.gpg. Can I encrypt some file for
> | some public keys (from mentioned above five keys) and indicate exactly
> | wich secret key (again, from mentioned above) gnupg should use and,
> | therefor, wich password should be used.
> Why do you have 5 secret keys?  Not saying that you shouldn't, but its a
> little hard to understand your setup with multiple secret keys.  Are
> they all part of different key-pairs?  Are they sub-keys?
> When you encrypt to a public key, you do not need the secret key, or the
> password.

As  I  said  before we're writing web application wich can recognise person by
whom it used to be envoked. And those keys are belong to different people. Why
they  are  stored  together  you  ask? The system will have virtualy unlimited
count  of  users  and  I  have no way to specify which pair of secring.gpg and
pubring.gpg  to  use other then direct it to "user's PGP folder" this means we
will have virtualy unlimited, as I mentioned earlier, directory tree. And more
to say, for every new user of the system we will have to introduce all present
users  and  for  every  present  user - introduce new user. I mean exchange of
public  pgp  keys.  Therefor all secret-public key-pairs are stored together -
all  users  are  using  one  keyring.  On other hand we (will) have an unified
management  system  and there are no needs to give for a user control over his
keyring or over common keyring.
Then  specific  situation,  password  for  different  systems/devices. One man
should have access to the password for this concrete system, other - shoul not
have access. And then, one password must be visible by two (or three, or five)
users.  Apon  entering  to the system we have ID of user and corresponding key
and  user  will  see only records wich were encrypted for him (encrypted using
his  public  key).  But.  For  decryption  we  still  have  to  present user's
passphrase (we have it because this user asked as for). And there is a problem
we  are  tring  to solve. File encrypted for four people, man operating now in
the system is third (he appears third in the list of persons for whom file was
encrypted). How can I specify that I'm going to decrypt file using third key?