On Mon, May 03, 2010 at 06:19:17PM -0400, Greg A. Woods wrote: > > Normally the only time I've ever seen anyone end up with multiple > published keys associated with the same e-mail address it has happened > when they have accidentally lost their private key somehow and therefore > they were unable to revoke it properly. Well, I suspect this case happens fairly often. (And there are other cases; where you're still gathering enough signatures so you can use your new key, and the old key hasn't been compromised, but people have started getting paranoid about the crypto algorithms involved, etc.) So I'd argue that saying this is only something that Advanced GPG users will use is probably a bit short-sighted. > Meanwhile the original problem here appears to me to be that Git > effectively encourages use of multiple valid keys that may have the same > e-mail address attached to multiple key-IDs. Yes, I think that *is* the problem. If you want to optimize for the common case, that's fine, but it's also useful to have a way for users to specify in their gitconfig files that a specific KeyID should be used if they are signing with a particular e-mail ID. - Ted -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html