fingerprint associated public key does not match displayed public key

S.B. sami.badri at gmail.com
Sat Dec 18 02:46:18 CET 2021


> Key(s): a certificate holds at least one, but usually more than one.

I see.  So, a certificate (aka pgp public key block) holds at least
one key (+ pertinent metadata that changes/updates depending on use,
etc.), but usually more.  What other keys would it hold?  The paired
secret key?  No.  Other public keys in my key ring?  Unlikely.  If the
certificate is made for encryption of a message that only one specific
secret key can decrypt.  Why would it hold more than one key?

>> But the import command doesn't work with txt.
> Sure it does.  I did that no more than twenty minutes ago myself.

So I typed the gpg --import > certificate.txt command and it says "no
such file or directory: certificate.txt" (certificate has a different
name of course).  I placed the file in my .gnupg hidden folder.

Here is really the root of my problem.  As you probably know, I'm not
using a Web Key Service/Directory enabled email provider, so if I were
to get an encrypted message intended for me, I'd have to copy the
encryption text, paste it into txt file, then import/decrypt it like
that with: gpg --decrypt ~/Desktop/encryptedfile.txt | perl
-MMIME::QuotedPrint -0777 -nle 'print decode_qp($_)'
That's a command I found online from a source that I've been using for
learning pgp.

What am I missing?  Does this only work well with WKS/D enabled
message services?

On Fri, Dec 17, 2021 at 12:42 PM Robert J. Hansen <rjh at sixdemonbag.org> wrote:
>
> > The document snapshot analogy really helps.
>
> I'm glad it's helped!
>
> >> No, and I'm going to strongly encourage you to stop asking
> > implementation questions.
> >
> > I think I'll take that advice.
>
> When you think you're ready, we'll be here to answer your implementation
> questions.  It would break my heart if you thought you should never ask
> them -- I just, only, think that diving into implementation details is
> almost always a bad idea for new users.
>
> If you want to teach someone poetry you start by showing them the witty
> banter and playful puns in Shakespeare, and encourage them to laugh and
> enjoy the show.  Learning about iambic pentameter can wait.  :)
>
> > I'm getting the picture now.  The pgp key block is really the
> > certificate.  The certificate holds the key and metadata.
>
> Key(s): a certificate holds at least one, but usually more than one.
> Beyond that minor detail you've got it perfect.
>
> >> gpg --import < certificate.asc
> >
> > So, when dealing with a displayed certificate (what I was calling a
> > pgp public key block), the only method I thought of was copying and
> > pasting it onto a txt file.  But the import command doesn't work with
> > txt.
>
> Sure it does.  I did that no more than twenty minutes ago myself.
>
> How were you trying to do this?



More information about the Gnupg-users mailing list