Topic: Automatic key selection etc


I just started using Enigmail for Thunderbird and am very amazed by this PGP thing. It's cool.

I have a few suggestions:

Is it possible to have FireGPG automatically choose the correct public key for an email address you send to? I guess it can be made very simple by just having a list "Options" where you can add email addresses, add a key and choose if it should be signed and/or encrypted.
It could be very cool if it was possible to add public keys to each user/email address in Contacts in Gmail, and the settings were somehow stored in "Options" in the plugin. I don't know if this is possible, but it would certainly be useful.

Another thing. Why have a different link to add an encrypted attachment? Isn't it possible to just encrypt the attachment that is done with the "gmail" link?


Lars Chr.

Re: Automatic key selection etc

I believe attachments have to use gpg/mime whereas the letter does not -- so the encryption process for the two is different. For each address it's theoretically possible to have more than one public key, so automatic key selection may pick the incorrect key. As far as storing the public keys in the Gmail Contacts -- that would be a nice feature -- however Google would have to implement that -- and this is unlikely to happen. Less than 1% of people using email use some form of encryption/signing.

Re: Automatic key selection etc

Ok. I understand the attachment thing...

On the key thing... You as a Gmail user are the one who defines the list which FireGPG would eventually use to detect what to do. My idea is that you only need to attach one key to an email address. When you choose an email in the "To:" field, FireGPG checks your list for any match on the email. If there is one, it fetches the key and signs/encrypts it.

I know you said it's technically possible to have more than one key for an email address. But isn't it the same whichever of the two keys is used? The receiver would get it and it will be decrypted anyway... and both are happy. Maybe it could be possible to store several keys for an email in the rule list, and in those cases where there is more than one key, let the user choose.

It would be really nice not to have to think about signing and encrypting emails every time. I think signing and encrypting emails is like backups... if you need to do it manually all the time, you simply forget it or just don't do it.

Lars Chr

Last edited by ascaaear (2007-12-06 06:14:19)

Re: Automatic key selection etc

Yes, your suggestion about multiple keys -- and allowing the user to select which public key to use -- is a good idea. Remember however all the public keys are kept inside the gpg keyring -- FireGPG does not store them or keep them.

If you are at the command line and you type:
gpg --list-keys

You can see the public keys kept by gpg on your keyring. gpg --list-secret-keys will list your private keys. Perhaps you should repost your idea as a new suggestion or request. The authors are pretty good about trying to work in requests inside future requests.
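
Added example, not part of the original thread and not FireGPG's code: a sketch of the per-address key lookup discussed above, reading the machine-readable form of the keyring listing (`gpg --list-keys --with-colons`). It goes beyond the thread by also skipping revoked, expired, invalid and disabled keys; the function names and the sample keyring are assumptions made up for the illustration.

```python
from collections import defaultdict

# Constructed `gpg --list-keys --with-colons` output; keys and addresses are made up.
SAMPLE = "\n".join([
    "pub:f:4096:1:1111111111111111:1190000000:::-:::scESC:",
    "fpr:::::::::" + "1" * 40 + ":",
    "uid:f::::1190000000::::Alice <alice@example.org>:",
    "pub:f:2048:1:2222222222222222:1180000000:::-:::scESC:",
    "fpr:::::::::" + "2" * 40 + ":",
    "uid:f::::1180000000::::Alice (old laptop) <alice@example.org>:",
    "pub:r:2048:1:3333333333333333:1170000000:::-:::sc:",
    "fpr:::::::::" + "3" * 40 + ":",
    "uid:r::::1170000000::::Bob <bob@example.org>:",
    "pub:f:4096:1:4444444444444444:1195000000:::-:::scESC:",
    "fpr:::::::::" + "4" * 40 + ":",
    "uid:f::::1195000000::::Bob <bob@example.org>:",
])

BAD = ("r", "e", "i")  # field 2 validity: revoked, expired, invalid

def usable_keys_by_email(text):
    """Map each e-mail address to fingerprints of keys usable for encryption."""
    index, usable, fpr = defaultdict(list), False, None
    for line in text.splitlines():
        f = line.split(":")
        if f[0] == "pub":
            # Field 12 on a pub record: uppercase E means the key as a whole
            # can encrypt, uppercase D means the key is disabled.
            usable = f[1] not in BAD and "E" in f[11] and "D" not in f[11]
            fpr = None
        elif f[0] == "fpr" and fpr is None:
            fpr = f[9]  # first fpr after pub belongs to the primary key
        elif f[0] == "uid" and usable and fpr and f[1] not in BAD:
            start, end = f[9].rfind("<"), f[9].rfind(">")
            if 0 <= start < end:
                email = f[9][start + 1:end].lower()
                if fpr not in index[email]:
                    index[email].append(fpr)
    return index

def select_key(email, index):
    """Return ('auto', fpr), ('ask', [fprs]) or ('none', None)."""
    keys = index.get(email.lower(), [])
    if len(keys) == 1:
        return ("auto", keys[0])
    return ("ask", keys) if keys else ("none", None)
```

With the constructed keyring, alice@example.org has two usable keys and so needs a user choice, while bob@example.org resolves automatically because his revoked key is ignored.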