tag:gpgtools.tenderapp.com,2011-11-04:/discussions/beta/2068-mailapp-does-not-recognize-when-a-public-key-changes-for-an-emailGPGTools: Discussion 2017-10-22T16:36:11Ztag:gpgtools.tenderapp.com,2011-11-04:Comment/431283492017-08-07T15:15:12Z2017-08-07T15:15:12ZMail.app does not recognize when a public key changes for an email<div><p>Hi Ephi,</p>
<p>welcome to the GPGTools support platform. Sorry you are having problems using GPG Suite.</p>
<p>The problem of multiple keys existing for the same email address is quite common. Either a fake key was created with bad intentions to create confusion or the secondary key was created simply by accident. If a message is encrypted with the wrong public key, the receiving person will end up with a message they are unable to decrypt.</p>
<p>The following steps will help you resolve this problem and avoid known potential conflicts that may arise.</p>
<p>When it comes to OpenPGP key management it is important to understand, that everybody can create keys with any name and email address. So how do you know which key is the right one to use when communicating with your contact?</p>
<ol>
<li>
<p>In case you are the owner of both keys, revoke one of the two keys. See <a href="https://gpgtools.tenderapp.com/kb/gpg-keychain-faq/how-to-revoke-a-key-or-user-id">How to revoke a key</a>.</p>
</li>
<li>
<p>In case you are not the owner but have two public keys for the same email address in GPG Keychain:</p>
<ul>
<li>if you know which public key the correct key is, try disabling the wrong key. See <a href="https://gpgtools.tenderapp.com/kb/gpg-keychain-faq/disable-key">Disable key</a>.<br></li>
<li>if you are unsure, which key the correct key is, it is highly recommended, to verify the public key of your contact. See <a href="https://gpgtools.tenderapp.com/kb/how-to/trusting-keys-and-why-this-signature-is-not-to-be-trusted">How to verify and sign a key</a>.</li>
</ul>
</li>
</ol>
<p>In your case it could be that the second key was automatically downloaded due to the auto-retrieve key option, when browsing emails and clicking on a message signed with the old key.</p>
<p>Let me know if you were able to resolve the situation using the KB articles linked above.</p>
<p>All the best,<br>
Steve</p></div>Stevetag:gpgtools.tenderapp.com,2011-11-04:Comment/431283492017-10-22T16:36:07Z2017-10-22T16:36:07ZMail.app does not recognize when a public key changes for an email<div><p>Closing, since no further user feedback was received. Should your problem persist, feel free to re-open this discussion any time.</p>
<p>All the best, steve</p></div>Steve