GPG Services: key id during selection for signing text

ndoc3's Avatar

ndoc3

27 Feb, 2019 10:00 PM

For GPGServices, part of 1.4.6, I am trying to sign some text using the Sign Selection menu item under services.

When I choose this, it brings up a dialog 'Select Key - GPGServices' which shows my keys with a number enclosed in parentheses after the email address in < > brackets.

What is that number? I've tried to find the corresponding key in the GPG Keychain app, but can't seem to figure this out.

I have multiple keys for the same email address and need to be able to ensure I am using the proper one for signature.

thanks,
Peter

  1. Support Staff 1 Posted by Steve on 06 Mar, 2019 09:08 PM

    Steve's Avatar

    Hi Peter,

    welcome to the GPGTools support platform.

    The number you see shown behind the name and email used in your OpenPGP key is the last part of the fingerprint.

    Open GPG Keychain and you should see the fingerprint for your key. If you compare that information to the information shown in GPG Services you should see that the numbers match the last four blocks.

    Can you elaborate on the use case for having more than one key for the same email? If you can it would be suggested to revoke unused keys (don't delete them). You can still decrypt but prevent many problematic situations which can arise otherwise.

    All the best,
    Steve

  2. 2 Posted by peternsteinmetz on 06 Mar, 2019 09:23 PM

    peternsteinmetz's Avatar

    Mostly it is just a matter of using the keys for things other than email, like encryption of different types of documents. Or sharing a key with different groups of people.

    I think there have been other people doing this sort of thing as well. Of course one can have a key without an assigned email but it is often nice to have this use case.

    Is there a reason to use the last part of the fingerprint rather than the key id in those listings? It seems a bit more obscure.

    Thanks,
    Peter

    ----
    [email blocked]
    Senior Scientist, NeurTex Brain Research Institute

  3. Support Staff 3 Posted by Steve on 06 Mar, 2019 09:56 PM

    Steve's Avatar

    We tend to use the fingerprint in more and more places. In the past fingerprint, short ID (8 digits) and long ID (16 digits) which was very confusing.

    The short ID should no longer be used:
    https://evil32.com/

    I am not sure I understand the benefit of sharing different keys for the same email (identity) with different groups of people. If you want to use different identities for different activities that I would understand. But if the different keys share the same email, they can be easily connected to one identity and I don't see the point in creating key management overhead and the risk of creating confusion and errors.

    That's clearly your choice. I can just share my experience that many user who often times unintentionally create multiple keys with the same email over time run into trouble and we generally speaking do not recommend such a setup.

Reply to this discussion

Internal reply

Formatting help / Preview (switch to plain text) No formatting (switch to Markdown)

Attaching KB article:

»

Attached Files

You can attach files up to 10MB

If you don't have an account yet, we need to confirm you're human and not a machine trying to post spam.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac