GPG users with multiple keys

Hello,

So, I’ve done a manual import of some user’s public keys, and am then
sending GPG encrypted RT mail to these users. One of these users happens
to have 2 public keys in the keyring, which I don’t think should be a
problem. This seems to work fine in some cases, for instance if I comment
on a ticket, and add him as a One-time Cc or One-time Bcc the encrypted
email goes through. I am not entirely sure how RT is selecting the key to
use, since a “preferred” key hasn’t been established, but nevertheless it
works fine.

It’s different for tickets where he is an AdminCc watcher of the queue.
When I comment on one of those tickets, RT will want send to him an email
by default. In this case, it returns an error that reads:

"You are going to encrypt outgoing email messages, but there is a problem
with a recipient’s public key. You have to fix the problem with the key,
disable sending a message to that recipient, or disable encryption.

User XXXXXXXX has a problem. There are several keys suitable for encryption.
Select a key you want to use for encryption:"

It shows me a select box that lists his 2 keys. However, no matter which
one I select, it always returns me right back to this same error message.
This is the same user that works just fine as a One-time email recipient in
other queues. If I delete one of his keys from the keyring, the email
then works fine. Users that have a single public key aren’t showing any
errors, even when they are queue AdminCc.

Any ideas what might be going on here?

-Chris

"You are going to encrypt outgoing email messages, but there is a problem with a recipient’s
public key. You have to fix the problem with the key, disable sending a message to that
recipient, or disable encryption.

User XXXXXXXX has a problem. There are several keys suitable for encryption.
Select a key you want to use for encryption:"

It shows me a select box that lists his 2 keys. However, no matter which one I select, it
always returns me right back to this same error message. This is the same user that works just
fine as a One-time email recipient in other queues. If I delete one of his keys from the
keyring, the email then works fine. Users that have a single public key aren’t showing any
errors, even when they are queue AdminCc.

There is no ‘preferred key’ feature in RT (it was not implemented,
although there is the start of some support for it).

However, not respecting the choice in the UI seems like a bug. Please
send more information about that to the RT bugtracker.

http://bestpractical.com/rt/issues.html

-kevin