getting an encrypted file to show what public key was used
lefevre.10 at osu.edu
Tue May 29 19:54:34 CEST 2012
On Tue, May 29, 2012 at 11:28 AM, Robert J. Hansen <rjh at sixdemonbag.org> wrote:
> 1. His correspondent said "use certificate 0xF1940956."
> 2. He did a gpg --recv-key 0xF1940956.
> 3. Quaero Corporation already has a certificate with the
> short ID of 0xF1940956 on the keyservers, created
> 4. He imported Quaero Corporation's certificate
> 5. He believes he's using the correct certificate for his
> correspondent, since he's using the short ID they
> 6. He's actually using Quaero Corporation's certificate
> 7. And his correspondents can't read the traffic, since
> he's using the wrong certificate.
> I could be wrong, of course, but that's where I'd place my bets.
This is, not surprisingly, the case. There was bad logic in my script
and somehow, somewhere, it's using the wrong key for this particular
I was confused about how the remote host could learn the "name" of the
public key, but apparently their script looks it up from public
sources, or already has it on their keyring, or whatever.
I was not aware of a method I could use to tell which key I had just
encrypted a file with, but thanks to the replies, I now know that the
key ID will let me know :)
More information about the Gnupg-users