choosing an encryption target from a User ID
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Thu Sep 24 00:32:25 CEST 2009
On 09/23/2009 06:04 PM, Ingo Klöcker wrote:
> I'm pretty sure that this will break horribly as soon as the user ID
> contains non-ASCII characters (as does my user ID). For exactly this
> reason I made KMail use the key ID instead of the user ID about 7 years
What makes you think that non-ASCII characters would break a match?
Presumably, all the tools are passing UTF-8 strings to each other, and
GPG can easily find a match based on such a string.
For example, it certainly works fine from the shell:
0 dkg at pip:~$ echo test | \
> gpg --encrypt --trust-model always -r 'Ingo Klöcker' | \
> gpg --list-packets
:pubkey enc packet: version 3, algo 16, keyid 30CFDDC732319538
data: [2047 bits]
data: [2048 bits]
:encrypted data packet:
gpg: encrypted with 2048-bit ELG-E key, ID 32319538, created 2000-10-16
"Ingo Klöcker <kloecker at kde.org>"
gpg: decryption failed: secret key not available
2 dkg at pip:~$
> Is enigmail really still using the user ID?
I haven't dug into it deeply, but what i observed from my tests was that
if i switched the order of keys in my gpg keyring, enigmail selected a
different key for a recipient who had two keys with matching User IDs.
So i suspect that Enigmail is indeed passing the e-mail address at least
(if not the name) to gpg to select a reasonable key for encryption.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 891 bytes
Desc: OpenPGP digital signature
More information about the Gnupg-users