Control: tags -1 + moreinfo hi dpdt1--
On 03/10/2014 10:28 AM, dpdt1 wrote: > i have 7-8 private keys in my gpg keyring, 3 of those just for email > accounts. > when i decrypt with default key(set in gpg.conf) everything's allright. when i > try to decrypt another account, gpg-agent asks for all other private > keys/subkeys's passphrases, untill it reaches the particular one.. and not > asking for that particular one in the first place.. that's really annoying on > tb/enigmail since i get 8 pop-ups asking for different passphrases > everytime... > i've set mail accounts to use specific key for those, and see no difference.. > still asking passphrase for all of them... You seem to be asking about decryption specifically, and not signing. i think that makes sense, i'm just double-checking to make sure, since there are two operations enigmail is capable of doing with a secret key. The choice of which key to use for decrypting any given message is based on the PK-ESK OpenPGP packet stored in the message itself: https://tools.ietf.org/html/rfc4880#section-5.1 Normally, this packet contains the OpenPGP keyID of the target to whom the message is encrypted, but some people use a keyID of 0x0000000000000000 to hide the target (this is done by enigmail by default when Bcc'ing someone on a message, and some people make it happen by default by adding "throw-keyids" to ~/.gnupg/gpg.conf, using --hidden-recipient arguments, or other gpg options. When the keyID is hidden like this, gpg just tries all secret keys. Perhaps this is what is happening for you? You can find out, for any given message, by choosing "view source" on any given message, and then pasting the source into "gpg --list-packets". If there is a hidden keyid, you'll see: :pubkey enc packet: version 3, algo 1, keyid 0000000000000000 I agree this is super annoying, but i'm not sure that enigmail is the place to fix it, or how you would fix it in engimail as well. Maybe you can ask your correspondents not to hide your keyid when they send you mail? > i thought it was a problem with gpg-agent and maybe it is (?), but other apps > recognize correctly each key and ask only for that passphrase.... which other apps? decrypting what sort of data? --dkg
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Pkg-mozext-maintainers mailing list Pkg-mozext-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-mozext-maintainers
