On Mon, Jan 06, 2020 at 04:42:40PM +0100, azbigd...@gmx.com wrote:
I'm still a bit confused on the changes in secring. How does it come up with the names for those "new" keys as it doesn't seem to corrolate with anything I can see on the keys.
Files under the $GNUPGHOME/private-keys-v1.d directory are named after the *keygrips* of the keys.
A keygrip is similar in principle to an OpenPGP fingerprint, but is computed on a data structure that is independent of any protocol (contrary to an OpenPGP fingerprint, which is computed over an OpenPGP packet).
GnuPG, which since its version 2.0 implements both OpenPGP and S/MIME, uses keygrips internally to refer to a key independently of the protocol with which the key is to be used.
You can use the --with-keygrip option when listing keys to have GnuPG display the keygrips, and check that they match the filenames you see in the $GNUPGHOME/private-keys-v1.d directory.
For them to go away from the OpenPGP standard it obviously had to make sense to them
The OpenPGP standard dictates how compliant implementations interoperate. It says nothing about what the implementations shall do internally.
Keygrips are strictly an internal implementation detail of GnuPG. When it interacts with the outside world (e.g. when exporting a key), GnuPG still follows the OpenPGP standard.
Cheers, - Damien
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
