On Sep 22, 2009, at 1:11 PM, Daniel Kahn Gillmor wrote:

when encrypting messages to a user ID with multiple matching keys with
full calculated validity, gpg seems to just choose the "first" matching
key, for some definition of "first" -- I think it's decided by
chronological age of first import into the local keyring.

This does not seem to be the best heuristic. Here are some other
proposed heuristics for choosing among multiple keys with full
calculated User ID validity during encryption:

0) choose the most recently-created key

1) choose the key with the strongest supported encryption-capable
subkey (by bitlength?)

2) encrypt to *all* matching keys

The problem with this sort of thing is that for every possible heuristic we can come up with, there is going to be someone for whom that heuristic breaks. GnuPG has done the "first matching key" since the beginning, as did (old) PGP[1]. That behavior is baked deeply into systems.

David

[1] PGP has a GUI nowadays, so this sort of thing doesn't apply in the same way any longer. I don't have my copy of PGP command line online at the moment, so I can't check what it does, but I'd be surprised if it didn't either take the first one or give an error message.
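The heuristics discussed above, replayed over a constructed keyring, as an added example that is not part of this thread or of GnuPG itself: it parses a `gpg --list-keys --with-colons` listing (field layout as in GnuPG's DETAILS document, creation times as epoch seconds the way gpg 2.x prints them; the listing, key IDs and user ID are constructed) and applies the current "first matching key" rule and each of the three proposals to the keys that carry the user ID with full or ultimate validity.

```python
# Constructed listing in --with-colons format. Record order is keyring order, which
# is what "first matching key" follows. Field 2 = calculated validity, 3 = key length,
# 6 = creation time (epoch seconds), 10 = user ID, 12 = capabilities ('e' = encrypt).
LISTING = """\
pub:f:1024:17:AAAA000000000001:1200000000:::-:::scESC:
uid:f::::1200000000::HASH1::Alice Example <alice@example.org>:
sub:f:2048:16:AAAA000000000002:1200000000::::::e:
pub:f:2048:1:BBBB000000000001:1240000000:::-:::scESC:
uid:f::::1240000000::HASH2::Alice Example <alice@example.org>:
sub:f:4096:1:BBBB000000000002:1240000000::::::e:
pub:f:2048:1:CCCC000000000001:1250000000:::-:::scESC:
uid:f::::1250000000::HASH3::Alice Example <alice@example.org>:
sub:f:2048:1:CCCC000000000002:1250000000::::::e:
pub:f:4096:1:DDDD000000000001:1260000000:::-:::scESC:
uid:m::::1260000000::HASH4::Alice Example <alice@example.org>:
sub:f:4096:1:DDDD000000000002:1260000000::::::e:
"""
UID = "Alice Example <alice@example.org>"  # constructed user ID

def parse_listing(text):
    """Group pub/uid/sub records into keys, preserving keyring order."""
    keys = []
    for line in text.splitlines():
        f = line.split(":")
        if f[0] == "pub":
            keys.append({"keyid": f[4], "created": int(f[5]), "uids": [], "subs": []})
        elif f[0] == "uid":
            keys[-1]["uids"].append((f[9], f[1]))   # (user ID, calculated validity)
        elif f[0] == "sub":
            keys[-1]["subs"].append({"bits": int(f[2]), "caps": f[11]})
    return keys

def candidates(keys, uid):
    """Keys where `uid` has full/ultimate validity and an encryption-capable subkey exists."""
    return [k for k in keys
            if any(u == uid and v in ("f", "u") for u, v in k["uids"])
            and any("e" in s["caps"] for s in k["subs"])]

# Raw bit length of the strongest encryption-capable subkey; it compares ElGamal and
# RSA sizes directly, which is the doubt behind the "(by bitlength?)" in proposal 1.
enc_bits = lambda k: max(s["bits"] for s in k["subs"] if "e" in s["caps"])

HEURISTICS = {
    "first":     lambda c: [c[0]["keyid"]],                               # gpg today
    "newest":    lambda c: [max(c, key=lambda k: k["created"])["keyid"]],  # proposal 0
    "strongest": lambda c: [max(c, key=enc_bits)["keyid"]],               # proposal 1
    "all":       lambda c: [k["keyid"] for k in c],                       # proposal 2
}

def choose(listing, uid):
    """Chosen key IDs per heuristic for the candidate keys of `uid` (empty if none)."""
    c = candidates(parse_listing(listing), uid)
    return {name: h(c) for name, h in HEURISTICS.items()} if c else {}
```

On this keyring the four policies pick three different keys from the same user ID, which is the disagreement the thread is about, while the marginal-validity key is never a candidate. Naming the recipient key by fingerprint instead of by user ID avoids the choice altogether.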


_______________________________________________
Gnupg-users mailing list
http://lists.gnupg.org/mailman/listinfo/gnupg-users
