getting an encrypted file to show what public key was used

Steven Lefevre lefevre.10 at
Tue May 29 19:54:34 CEST 2012

On Tue, May 29, 2012 at 11:28 AM, Robert J. Hansen <rjh at> wrote:

>        1.  His correspondent said "use certificate 0xF1940956."
>        2.  He did a gpg --recv-key 0xF1940956.
>        3.  Quaero Corporation already has a certificate with the
>            short ID of 0xF1940956 on the keyservers, created
>            2002-04-25.
>        4.  He imported Quaero Corporation's certificate
>        5.  He believes he's using the correct certificate for his
>            correspondent, since he's using the short ID they
>            specified
>        6.  He's actually using Quaero Corporation's certificate
>        7.  And his correspondents can't read the traffic, since
>            he's using the wrong certificate.
> I could be wrong, of course, but that's where I'd place my bets.

This is, not surprisingly, the case. There was bad logic in my script
and somehow, somewhere, it's using the wrong key for this particular

I was confused about how the remote host could learn the "name" of the
public key, but apparently their script looks it up from public
sources, or already has it on their keyring, or whatever.

I was not aware of a method I could use to tell which key I had just
encrypted a file with, but thanks to the replies, I now know that the
key ID will let me know :)

Steve Lefevre

More information about the Gnupg-users mailing list