I can't stop encryption being done with a wrong key

Andreas Heinlein aheinlein at gmx.com
Fri May 27 08:10:58 CEST 2011

Am 26.05.2011 21:26, schrieb Charly Avital:
> In Thunderbird, key usage is set in 'Per Recipient rules', that is not
> the Address Book.
>> > 
>> > Can someone please explain to me how this could be happening, and what I need 
>> > to do to correct it?  Should I remove his old key from my keyring?  If I do, I 
>> > assume that I won't be able to read his older messages.
> You don't have to remove his "old" public key from your keyring.
> You have to edit "Per Recipient Rules" so that your friend's new public
> key (in your public keyring) is linked to his User ID (e-mail address),
> and used to encrypt to him.
Thunderbird (or the enigmail extension you're most likely speaking of)
uses the mail addresses on the keys UID to choose which key to use. If
there is more than one key with the same mail address on the keyring,
engimails behaviour becomes somewhat unpredictable and sometimes chooses
the old key, sometimes the new one.

You could either override it with explicit recipient rules, or remove
the old key from the keyring. Since you said the old key became
"corrupt", I see no point in keeping it anyway.


More information about the Gnupg-users mailing list