Enigmail choose wrong signing key

OpenPGP addon for Mozilla Thunderbird

Brought to you by: pbrunschwig

Enigmail choose wrong signing key

Forum: Enigmail Support

Creator: Emmanuel

Created: 2013-09-22

Updated: 2013-09-28

Emmanuel - 2013-09-22

Environment:
Enigmail version 1.5.2 (20130703-1322) on OSX 10.8.5
gpg (GnuPG/MacGPG2) 2.0.20 with libgcrypt 1.5.0

Setup:
Keychain contains two private/public key pairs.

Configuration:
Both GPGPreferences and ~/.gnupg/gpg.conf show a default key defined

Problem:
When signing a mail, Enigmail uses the first created key for signing, rather than using the default defined in gpg.conf

Question:
How can I tell it to use the proper key for signing?

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Patrick Brunschwig - 2013-09-22

You should make sure that the correct key is specified under Tools > Account Settings > OpenPGP Security. Do NOT specify an email address.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Emmanuel - 2013-09-23

Thanks. This did the trick.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

RobbieTheRobot - 2013-09-25

I have a similar problem.
As I'm very new to PGP, I'm not entirely sure which key is used to encrypt and which to decrypt.
At present my settings (as listed in T'Bird A/C settings) show that it is using my primary key.
I tried sending a test email to a friend who said that I should be encrypting with key XXXXX... - which is my subkey. But I can only select my primary key on the settings menu.
Or am I mis-understanding the whole thing here?

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Patrick Brunschwig - 2013-09-25

You can only choose the primary key for signing. However, GnuPG will then pick the correct signing subkey automatically. You cannot specify a subkey because for encryption you will need two subkeys - one for signing and one for encryption.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

RobbieTheRobot - 2013-09-28

Thanks Patrick for your reply.
I am still struggling to understand primary keys and subkeys. Other times there is reference to public keys and private keys - are these the same thing by a different name?
I've googled PGP videos to try and understand at a basic level about all these keys, but have had no luck discovering what's what on the key front.
Would anyone have a link to a Dummmies-type-guide to this whole key business?

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Patrick Brunschwig - 2013-09-28

You have two (linked) keys: your public key and your private key. These are two separate keys that belong together similarly to a pair of shoes.

Each of the keys has one or more subkeys that define what the key is able to do. The key itself has some data, but does not contain parts that allow the key to be used for encryption/decryption/signing. Thus, the sum of all subkeys together form the key.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Log in to post a comment.