Problem encrypting to a hushmail gpg key

vedaal at vedaal at
Tue Jan 26 19:52:15 CET 2010

Sean Rima <sean () srima wrote on Date:  2010-01-17 17:23:31 :

>A friend on the pgpnet mailing list is using a gpg 
key >but when I import it, I get

>gpg: key C4E23A82: public key ""---- at" 
<jefallen at>"
>gpg: Total number processed: 1
>gpg:               imported: 1  (RSA: 1)


:public sub key packet:
        version 4, algo 2, created 1262830846, expires 0
        unknown algorithm 2


the above listed public subkey packet is the encryption key

i imported it directly from hushmail


click on 'key management'
then enter the hushmail email address and retrieve the key )

and encrypted to it without any problem.


it is not a great idea to use hushmail keys for open pgp encryption 
or authentication

(1) the keys are not updated, and can't be for the same email 
so, for example, i've been with hushmail since it started, and my 
key is a 1024 bit key and signs with SHA-1
(to be fair, i imagine that whenever this becomes a 'real' threat, 
hushmail will allow for modifications/new keys)

(2) the hushmail user probably will not be able to decrypt a gnupg 
encrypted message in hushmail if the encryption algorithm chosen 
isn't currently being used by hushmail, which, depending on how old 
the key is, may not be the encryption algorithm listed on the key,

and if the hushmail user uses gnupg (preferable ;-) ), then he/she 
would be better off generating a new key in gnupg, and just leave 
the hushmail key for hushmail users

(i use my hushmail key only for hushmail/hushtools)


More information about the Gnupg-users mailing list