On 08/14/2013 10:56 PM, Foo Bar wrote:
>
> Hello!
>
> Thank you for your response. Some comments inline...
>
> ----- Original Message -----
>> From: MFPA <expires2...@ymail.com>
>>
>> You can create a key with whatever information you wish to
>> put in the user-id(s), truthful or otherwise.
>
> I have tried to enter a "wildcard email" when gpg asked me for
> the email address during key generation. I tried "example.com",
> "@example.com" and "*@example.com", but all of them were
> rejected with 'Not a valid email address'. Is there a special
> syntax I should use?

As I pointed out before with my example using monsters.edu, making a wildcard email for a domain is fraught with abuse peril to the maximum. How many users do you need to include at a given domain? If somebody asked me to sign such a key as part of the WOT I wouldn't sign it. OTOH, if you have a half dozen or so email addresses at that domain you can add a UID for each and every one of the email addresses to your key. There will be more on those email addresses in a moment. But I would ask questions why you need so many email addresses at the same domain for a given key. Any more than 2-3 email addresses would be very suspicious.

>> A key identifying itself as connected to the email address
>> "*@example.com" rather than "f...@example.com" may be missed
>> when an
>> email program passes "f...@example.com" to GnuPG as the search
>> string for an encryption key (and when GnuPG passes the
>> string to a keyserver).
>
> I think the point you just made is the relevant one: Even if I
> would be able to create a key with a "wildcard email"
> associated with it, would the email client plugins, such as
> Enigmail, be able to deal with it? I guess that's a question
> for the Enigmail developers, once I figure out how to generate
> a key with a wildcard email via gpg.

I hope you cannot do it. If I was writing the code you would need something that had a valid TLD on the end and valid alpha-numeric and optional one "-" at a time for the hostname. In front of the @HOSTNAME you should only be able to have user names that are alphanumeric with whatever other characters (thinking of other character sets for other languages) but SOMETHING has to be there for the user at that domain.

I don't think you have thought this through carefully though. I realize some people stupidly put all of their email accounts into one folder in Thunderbird. NOT ME! Each email account gets its own separate set of folders and I have Local Folders which accept no email so I can move email messages from the account folders into the Local area if I need to save those messages. If you have a half dozen POP/IMAP email accounts, not giving each email account its own set of folders can complicate things terribly with no end of the confusion in sight. Even with just two email accounts things can get complicated in a hurry. What do you do if one of the email accounts is closed down? I just delete that set of folders.

Now we come to Enigmail. If you use the separate email accounts the way I said you should, you can actually have multiple keys for all of the email addresses. The reason why is Enigmail in Thunderbird provides a way to specify it manually for each and every email account:

http://www.securemecca.com/public/GnuPG/
http://www.securemecca.com/public/GnuPG/EnigMailSettings.jpg

You cannot see it but I add a UID for every email account I am going to use with my key and then just let Enigmail find the appropriate key for the email address. I could also do it with a one key fits all with a default-key in the gpg.conf file. But how are you going to say use only this key with ALL of my email accounts in Enigmail if you don't have specific email folders but dump all of them in one common folder? You also could investigate group names to resolve the problems you will have. But this is getting so scary with so many email addresses I am beginning to believe you will have a goulash mess in just Thunderbird alone without adding Enigmail to the mix.

A wise man once said: "Make every system as simple as possible but no simpler." I may contend his saying that gravity is not a force at all but just a warping of the time-space curve may be a little bit too simple. But saying gravity isn't a force (if gravity isn't a force why is almost every galaxy a spiral?) or me saying it may still be a force and the discussions thereof are simple compared to what you are attempting to do. In fact what you are attempting to do is giving me a class A migraine headache. Who was the man that made the statement about how systems should not be too complex? Albert Einstein. If you are smarter than him flail away.

My low IQ is now going to be involved in watching the NOVA program on a member of the Cephalopod family called the Cuttlefish and after it a program on the new ALMA telescope system being created on the Atacama plateau. If I was really brilliant I would be one of the technicians on-site keeping these telescopes working properly. But I think either the Canary Islands or the big Island of Hawaii would be nice places to be. I have lived most of my life above 1500 meters so I can handle the altitude. But the Atacama in Chile is a really desolate piece of real estate. I wonder how they handle the dust storms in a place that gets less than 3 cm of rainfall per year?

HHH

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
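
Added example, not part of the original message and not GnuPG or Enigmail code: a small Python model of the two points raised in this thread, namely an address check along the lines sketched above (something before the "@", hostname labels with single hyphens, a TLD) and an exact-address key lookup that never matches a "*@example.com" user ID. The regular expression, the exclusion of "*" from the user part, the helper names and the keyring contents are all assumptions made for illustration.

```python
import re

# Rule sketched in the message (an assumption, not GnuPG's real check):
# a non-empty user part, hostname labels of letters/digits joined by
# single hyphens, and an alphabetic TLD. "*" is refused in the user part.
LABEL = r"[A-Za-z0-9]+(?:-[A-Za-z0-9]+)*"
ADDR_RE = re.compile(rf"^[^\s@*<>]+@(?:{LABEL}\.)+[A-Za-z]{{2,}}$")


def is_valid_address(addr):
    """True when addr has a user part and a well-formed host with a TLD."""
    return ADDR_RE.match(addr) is not None


def addr_of(uid):
    """Return the text between '<' and '>' in a user ID, lower-cased."""
    m = re.search(r"<([^<>]*)>", uid)
    return m.group(1).lower() if m else None


def find_keys(keyring, recipient):
    """Exact-address lookup, modelling a mail client asking for one recipient."""
    want = recipient.lower()
    return [key_id for key_id, uids in keyring.items()
            if any(addr_of(uid) == want for uid in uids)]


# Constructed keyring: placeholder key IDs and example.com addresses.
KEYRING = {
    "KEY-WILDCARD": ["Foo Bar <*@example.com>"],
    "KEY-MULTI-UID": ["Foo Bar <foo@example.com>",
                      "Foo Bar <sales@example.com>"],
}

if __name__ == "__main__":
    # The three inputs reported as rejected in the thread, plus a normal one.
    for candidate in ("example.com", "@example.com", "*@example.com",
                      "foo@example.com"):
        print(f"{candidate!r:22} valid={is_valid_address(candidate)}")
    # Only the key carrying one UID per address is found for a real recipient.
    for rcpt in ("foo@example.com", "sales@example.com", "bar@example.com"):
        print(rcpt, "->", find_keys(KEYRING, rcpt))
```
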