GPGMail: Why no interface to choose specific key from multiple valid options for same address?
Hi,
Earlier today, I tried to send an email to a friend, but they were unable to decrypt it. After verifying that the key I had for their account was the correct one, I noticed that I actually had two different keys for them, an old one (which was not expired and not revoked) and a new one (which they created more recently and were expecting me to use). It turns out my friend had lost the first public key's secret, so that's why they had created a new key.
Unfortunately, when I wrote email to them, GPGMail was always selecting the older (but still "valid") key for encryption, even though a newer (and stronger) key was also available. The only way for me to resolve this issue was to remove the older key from my GPG Keychain. When I did that and re-started Mail, GPGMail began encrypting with the right key.
My question is this: Given that there are some situations in which multiple valid keys for a given recipient are in a keyring, why is there no interface for choosing which key to use? It makes sense for GPGMail to pick one even at random, in the absence of any better information, but I've frequently seen more than one unexpired/unrevoked (valid!) key when searching for a particular email address from a keyserver. If I imported more than one of those keys, then would GPGMail simply never use one and always use the other?
For reference, this situation feels similar to this other one, to me: http://support.gpgtools.org/discussions/feedback/1547-choose-public...
Ideally, I'd like there to be some (hidden-by-default?) option for me to manually select which key to use to encrypt an email to in GPGMail rather than having to remove keys from my keyring to make GPGMail encrypt to the right key.
Thanks for listening.
Cheers,
-maymay https://maymay.net
https://Cyberbusking.org
Comments are currently closed for this discussion. You can start a new one.
Keyboard shortcuts
Generic
? | Show this help |
---|---|
ESC | Blurs the current field |
Comment Form
r | Focus the comment reply box |
---|---|
^ + ↩ | Submit the comment |
You can use Command ⌘
instead of Control ^
on Mac
Support Staff 1 Posted by Steve on Aug 19, 2015 @ 02:59 PM
Hey Maymay,
thanks for taking the time to bring this problem to our attention.
The scenario you describe addresses a few of the rather hard to solve issues when using OpenPGP technology. So I'm trying to go through those one by one and address them.
Make keys expire: expiry dates are a great idea and we default to having one, when a new key is created. We should def display an info message explaining the implications should that option get deselected. We have a pending ticket for that. Actively ask users to create a backup right after key creation: we have a ticket for that. We should explain why it is important to a) have a backup and b) store that in an external location. Create a revocation certificate whenever a new key is created: We added this functionality already and the first stable which included this was GPG Suite 2015.06. It does not help, if you get your computer stolen, but is a great to have safety net for a lot of other cases.
What happens if you deactivate the key in GPG Keychain instead of having to remove it? GPGMail then should only use the correct key. To do that, open GPG Keychain, double click the public key you want to deactivate and at the bottom of the "Key" tab you'll find the option to deactivate that key.
Kind regards,
steve
2 Posted by maymay on Aug 19, 2015 @ 05:50 PM
Hi Steve,
Wow, that is a fantastically detailed and thorough response. Thank you so much! I think you addressed all of my questions. The only thing I remain curious about is where the tickets you mentioned are listed? Do you have a Trac, a GitHub tracker? Is the issue tracker this project uses public?
Since I’ve already removed the old key, I can’t test simply deactivating it, but if I run into a similar situation again I will try that rather than deleting the key next time.
Thanks again for the detailed and thoughtful response.
Cheers,
-maymay
Support Staff 3 Posted by Steve on Aug 20, 2015 @ 06:11 PM
We use Lighthouse as our ticket tracker. A few projects are public, GPGMail is private though.
https://gpgtools.lighthouseapp.com/projects/65684/tickets/257
https://gpgtools.lighthouseapp.com/projects/65684/tickets/349
It's proven to be most effective to not have too much traffic on the ticket tracker. We prefer to discuss problems on the support platform and then create tickets as needed. But we try to be as open for suggestions as possible.
Steve closed this discussion on Oct 20, 2015 @ 11:54 AM.