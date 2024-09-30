There is a point that confuses me. I created a PGP key using the web interface and protected it with a password. I exported it and put it into Openkeychain on my smart. Then I created a pair of keys with OpenKeychain, say for gmail. And I uploaded the public key to my vivaldi/mail database. Then I write a test email in the web interface, check how it works. I turn on the encrypt and sign option. It asks me for the password of my private vivaldi/key - for signing, everything is correct.

I get this email using my email client in my gmail inbox. Decrypting it. And this is where it asks me for my password..... for the Vivaldi key? And it decrypts it!

But I encrypted it using my gmail public key!

I figured out that Vivaldi's server encrypts the message with both keys. That is, both private keys, both passwords to them decrypt this email! And this cannot be changed in the settings.

This is not right from my point of view.

Signing and encryption must be done with different key pairs, without mixing.