choosing an encryption target from a User ID

Daniel Kahn Gillmor dkg at
Thu Sep 24 00:32:25 CEST 2009

On 09/23/2009 06:04 PM, Ingo Klöcker wrote:
> I'm pretty sure that this will break horribly as soon as the user ID 
> contains non-ASCII characters (as does my user ID). For exactly this 
> reason I made KMail use the key ID instead of the user ID about 7 years 
> ago.

What makes you think that non-ASCII characters would break a match?
Presumably, all the tools are passing UTF-8 strings to each other, and
GPG can easily find a match based on such a string.

For example, it certainly works fine from the shell:

0 dkg at pip:~$ echo test | \
> gpg --encrypt --trust-model always -r 'Ingo Klöcker' | \
> gpg --list-packets
:pubkey enc packet: version 3, algo 16, keyid 30CFDDC732319538
	data: [2047 bits]
	data: [2048 bits]
:encrypted data packet:
	length: 64
	mdc_method: 2
gpg: encrypted with 2048-bit ELG-E key, ID 32319538, created 2000-10-16
      "Ingo Klöcker <kloecker at>"
gpg: decryption failed: secret key not available
2 dkg at pip:~$

> Is enigmail really still using the user ID?

I haven't dug into it deeply, but what i observed from my tests was that
if i switched the order of keys in my gpg keyring, enigmail selected a
different key for a recipient who had two keys with matching User IDs.

So i suspect that Enigmail is indeed passing the e-mail address at least
(if not the name) to gpg to select a reasonable key for encryption.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 891 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20090923/ad48107d/attachment.pgp>

More information about the Gnupg-users mailing list