choosing an encryption target from a User ID

David Shaw dshaw at JABBERWOCKY.COM
Tue Sep 22 22:41:25 CEST 2009

On Sep 22, 2009, at 1:11 PM, Daniel Kahn Gillmor wrote:

> when encrypting messages to a user ID with multiple matching keys with
> full calculated validity, gpg seems to just choose the "first"  
> matching
> key, for some definition of "first" -- i think it's decided by
> chronological age of first import into the local keyring.
> This does not seem to be the best heuristic.  here are some other
> proposed heuristics for choosing among multiple keys with full
> calculated User ID validity during encryption:
> 0) choose the most recently-created key
> 1) choose the key with the strongest supported encryption-capable
> subkey (by bitlength?)
> 2) encrypt to *all* matching keys

The problem with this sort of thing is that for every possible  
heuristic we can come up with, there is going to be someone who that  
heuristic breaks.  GnuPG has done the "first matching key" since the  
beginning, as did (old) PGP[1].  That behavior is baked deeply into  


[1] PGP has a GUI nowadays, so this sort of thing doesn't apply in the  
same way any longer.  I don't have my copy of PGP command line online  
at the moment, so I can't check what it does, but I'd be surprised if  
it didn't either take the first one or give an error message.

More information about the Gnupg-users mailing list