Page MenuHome GnuPG

Requesting a fingerprint for a keyid will show fingerprints for different keys with matching subkey
Closed, InvalidPublic

Description

If you request a fingerprint for a keyid, it'll print fingerprints for other
keys with matching subkey ids, which is misleading. I'm not sure if this is
desired, but if it is, there should, at minimum, be a way to specify
--primary-key-ids-only or something.

$ gpg --no-default-keyring --keyring ./scale-13x-keyring.gpg --fingerprint 9c4ada06
pub 4096R/D749AB0E9C4ADA06 2013-02-25

Key fingerprint = 3856 FD13 0BEC 5E91 1289  80C2 D749 AB0E 9C4A DA06

uid J. Joe Feise <joe.feise@numecent.com>
sub 4096R/55B5E43349C534E4 2013-02-25

pub 1024D/D4105202C7867633 2013-10-17 [expires: 2018-10-16]

Key fingerprint = 2DFE B741 FDDF 50A6 DB29  6B88 D410 5202 C786 7633

uid johan test <johan@test.privacymail.nl>
sub 1024g/F83D0F4D9C4ADA06 2013-10-17 [expires: 2018-10-16]

Event Timeline

keyids are not unique. The short keyid of the subkey of the second key matches
the keyid of the first key and thus both are listed.

Yes, I understand that keyids are not unique. However, when I ask for the
fingerprint of a key, I likely mean the primary key, not subkeys. People use
keyids (hopefully long, often short), or fingerprints as an identity... and they
always mean of their primary key, not their subkeys. There should be an option
to list only primary keys that match.

I do not think that such an option is useful. Please feel free to discuss at
gnupg-users to get other opinions.