Mail.app does not recognize when a public key changes for an email
I was sending encrypted mail to someone, but he started having issues on his end and needed to generate a new public key, which he sent me. In the keychain, I deleted the old key and imported the new one that has the same email address.
When I restart Mail and send the same email address an encrypted message, he can't open it -- it seems that the old key is used. If I encrypt the message manually using the new key and paste it into a message body (not encrypted of course), he can open it just fine.
Is this a bug, or is there an option I'm not seeing to specify which public key should be used when encrypting a message in Mail?
Support Staff 1 Posted by Steve on 07 Aug, 2017 03:15 PM
Hi Ephi,
welcome to the GPGTools support platform. Sorry you are having problems using GPG Suite.
The problem of multiple keys existing for the same email address is quite common. Either a fake key was created with bad intentions to create confusion or the secondary key was created simply by accident. If a message is encrypted with the wrong public key, the receiving person will end up with a message they are unable to decrypt.
The following steps will help you resolve this problem and avoid known potential conflicts that may arise.
When it comes to OpenPGP key management, it is important to understand that everybody can create keys with any name and email address. So how do you know which key is the right one to use when communicating with your contact?
In case you are the owner of both keys, revoke one of the two keys. See How to revoke a key.
In case you are not the owner but have two public keys for the same email address in GPG Keychain:
In your case it could be that the second key was automatically downloaded due to the auto-retrieve key option, when browsing emails and clicking on a message signed with the old key.
Let me know if you were able to resolve the situation using the KB articles linked above.
All the best,
Steve
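Added example, not part of the original thread and not GPGTools code: a check for the situation the reply above describes, where more than one public key in the local keyring names the same email address. It parses the output of `gpg --with-colons --list-keys`; the sample listing, addresses and fingerprints are constructed, and treating validity `r`, `e`, `i` and `d` as unusable is this example's assumption.

```python
import subprocess
import sys

# Constructed sample of `gpg --with-colons --list-keys` output (not real keys,
# uid hash fields left empty): three keys name contact@example.org, one of
# them revoked; a fourth key names a different address.
SAMPLE = """\
pub:r:4096:1:1111111111111111:1420070400:::-:::sc::::::23::0:
fpr:::::::::1111111111111111111111111111111111111111:
uid:r::::1420070400::::Contact <contact@example.org>::::::::::0:
pub:-:4096:1:2222222222222222:1483228800:::-:::scESC::::::23::0:
fpr:::::::::2222222222222222222222222222222222222222:
uid:-::::1483228800::::Contact <contact@example.org>::::::::::0:
sub:-:4096:1:3333333333333333:1483228800::::::e::::::23:
fpr:::::::::3333333333333333333333333333333333333333:
pub:-:4096:1:4444444444444444:1501545600:::-:::scESC::::::23::0:
fpr:::::::::4444444444444444444444444444444444444444:
uid:-::::1501545600::::Contact <Contact@Example.org>::::::::::0:
pub:-:2048:1:5555555555555555:1501545600:::-:::scESC::::::23::0:
fpr:::::::::5555555555555555555555555555555555555555:
uid:-::::1501545600::::Other <other@example.org>::::::::::0:
"""
UNUSABLE = set("reid")  # revoked, expired, invalid, disabled (assumption)

def parse_keys(listing):
    """Group colon records into primary keys: validity, fingerprint, user IDs."""
    keys = []
    for line in listing.splitlines():
        f = line.split(":")
        if len(f) < 10:
            continue
        if f[0] == "pub":
            keys.append({"validity": f[1], "fpr": None, "uids": []})
        elif f[0] == "fpr" and keys and keys[-1]["fpr"] is None:
            keys[-1]["fpr"] = f[9]  # first fpr after pub; subkey fprs are skipped
        elif f[0] == "uid" and keys:
            keys[-1]["uids"].append(f[9].lower())
    return keys

def live_fingerprints(listing, email):
    """Fingerprints of usable keys carrying a user ID for this address."""
    e = email.lower()
    return [k["fpr"] for k in parse_keys(listing)
            if k["validity"] not in UNUSABLE
            and any(u == e or f"<{e}>" in u for u in k["uids"])]

if __name__ == "__main__":
    email, listing = "contact@example.org", SAMPLE
    if len(sys.argv) > 1:  # real keyring: python3 thisfile.py someone@example.org
        email = sys.argv[1]
        listing = subprocess.run(["gpg", "--with-colons", "--list-keys", email],
                                 capture_output=True, text=True).stdout
    fprs = live_fingerprints(listing, email)
    print(f"{len(fprs)} usable key(s) for {email}:", *fprs, sep="\n  ")
```

More than one fingerprint in the result means the address is ambiguous; compare each fingerprint with the one your contact confirms over a separate channel before deciding which key to keep.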
Support Staff 2 Posted by Steve on 22 Oct, 2017 04:36 PM
Closing, since no further user feedback was received. Should your problem persist, feel free to re-open this discussion any time.
All the best, Steve
Steve closed this discussion on 22 Oct, 2017 04:36 PM.