On Donnerstag, 29. Februar 2024 21:21:42 CET Daniel Kahn Gillmor wrote: > human-readable names for certificates. But i don't see how to use that > safely while dealing with GnuPG's risky implementation choices here.
Allowing recipients to be specified by email address (or some other part of a user ID) was inherited from PGP. And I guess it's part of the reason for the success of PGP (and GnuPG) that one could specify keys of recipients by email addresses instead of by hard to remember key IDs (when those could still be considered unique) or by impossible to remember fingerprints (or by file name as sequoia-pgp seems to prefer). Calling this a risky implementation choice of GnuPG is ridiculous. If anything then it's a risky implementation choice of pass to allow using anything other than a fingerprint in ~/.password-store/.gpg-id. Regards, Ingo
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users