multiple keys with different UIDs and common WoT?

Peter Lebbing peter at digitalbrains.com
Sun Dec 1 12:58:07 CET 2013


On 01/12/13 12:42, Klaus wrote:
> Will it harm to have the same email-part of an UID for two keys? e.g.
> - Klaus (secure) klaus at employer1.de
> - Klaus (unsecure) klaus at employer1.de

I suppose it depends on how the mail client handles the case of multiple valid
UIDs on different keys matching the e-mail address. The GnuPG command line
simply picks the first in the keyring. If the mail client also does this, it's
entirely unpredictable which one will be picked by others. In this case, it
would be ideal if the mail client prompted with the two matches, allowing the
sender to pick one. Although it's debatable whether it should do this every
time; it might become annoying.

Maybe someone else knows more...

But keeping the e-mail address of your old employer with the scheme I proposed,
just means that your new employer will in principle have access to messages
encrypted to the work key. This might not be objectionable when you have left
your previous employer. It depends on the scenario; what type of mails people
send you after you have left the first employer.

> That way, I will still be able to receive new mail on my
> home machine.

If you have the private keys of the work key at home, you will also have access
to the mails sent to the work key. But I suppose you meant: at home but /not/ at
my new job.

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>



More information about the Gnupg-users mailing list