On Sun, 08 Nov 1998, Werner Koch wrote:
> Noteworthy changes in version 0.4.3
> * Experimental support for keyrings stored in a GDBM database.
> This is *much* faster than a standard keyring. You will notice
> that the import gets slower with time; the reason is that all
> new keys are used to verify signatures of previous inserted
> keys. Use "--keyring gnupg-gdbm:<name-of-gdbm-file>". This is
> not (yet) supported for secret keys.
Wow, great!
Now it takes only some seconds to import my complete PGP 2 keyring
(~2MB) (--fast-import) and creating the trustdb (--update-trustdb)
takes only some minutes and very less memory.
But there seems to be some problem with checking PGP signatures now,
because checking a simple PGP signature (RSA) now seems to run
"forever" (it runs for 12 minutes now, with 98% CPU usage). ps shows
me, that mutt runs the following command:
USER PID %CPU %MEM SIZE RSS TTY STAT START TIME COMMAND
roland 17295 95.6 2.0 1888 1316 pb R 13:33 13:49 /usr/local/bin/gpg --no-verbose --batch -o - --verify /tmp/mutt-spinnaker-17276-25.asc /tmp/mutt-spinnaker-17276-25
Stopping this by pressing Ctrl-C shows me this:
gpg: Signature made Fri Sep 25 02:15:07 1998 CEST using RSA key ID AE8F7CF5
gpg: Good signature from "Martin Schulze <joey@infodrom.north.de>"
gpg: Interrupt caught ... exiting
Testing this with some other signed mails, I found out, that this
behavior seems to arrive only if the signing key can be reached via a
signature chain and is not directly signed by me.
Similar problem with sign&encrypt:
gpg: public key decryption failed: Secret key not available
gpg: note: cipher algorithm 1 not found in preferences
gpg: key setup failed: g10err=-1073745528
gpg: old style signature
gpg: Signature made Wed Jul 2 10:39:23 1997 CEST using RSA key ID BA523901
gpg: Good signature from "TC TrustCenter, Hamburg, Germany, www.trustcenter.de;
+Organization Key; <info@trustcenter.de>"
gpg: Interrupt caught ... exiting
Here I also pressed Ctrl-C and the message is decrypted. Seems, that
gpg is searching for something, which isn't needed, because decryption
is done and the signature is checked...
Another problem: I tried to send a gpg encrypted message with mutt to
roland@spinnaker.rhein.de. There are two keys (a RSA and a DSS/DH key)
existing for this userid. When I try to send out this mail, mutt
starts
/usr/local/bin/gpgm --no-verbose --batch --with-colons --list-keys
which runs a long time (4 minutes now with 97% CPU time). I tried this
command out by hand and found out that this behavior seems to depend
on the --with-colons option (without this option gpgm outputs the keys
and exists in some seconds).
Ciao
Roland
--
* Internet: roland@spinnaker.rhein.de * Fido: 2:2450/42 *
PGP: 1024/DD08DD6D 2D E7 CC DE D5 8D 78 BE 3C A0 A4 F1 4B 09 CE AF
> Noteworthy changes in version 0.4.3
> * Experimental support for keyrings stored in a GDBM database.
> This is *much* faster than a standard keyring. You will notice
> that the import gets slower with time; the reason is that all
> new keys are used to verify signatures of previous inserted
> keys. Use "--keyring gnupg-gdbm:<name-of-gdbm-file>". This is
> not (yet) supported for secret keys.
Wow, great!
Now it takes only some seconds to import my complete PGP 2 keyring
(~2MB) (--fast-import) and creating the trustdb (--update-trustdb)
takes only some minutes and very less memory.
But there seems to be some problem with checking PGP signatures now,
because checking a simple PGP signature (RSA) now seems to run
"forever" (it runs for 12 minutes now, with 98% CPU usage). ps shows
me, that mutt runs the following command:
USER PID %CPU %MEM SIZE RSS TTY STAT START TIME COMMAND
roland 17295 95.6 2.0 1888 1316 pb R 13:33 13:49 /usr/local/bin/gpg --no-verbose --batch -o - --verify /tmp/mutt-spinnaker-17276-25.asc /tmp/mutt-spinnaker-17276-25
Stopping this by pressing Ctrl-C shows me this:
gpg: Signature made Fri Sep 25 02:15:07 1998 CEST using RSA key ID AE8F7CF5
gpg: Good signature from "Martin Schulze <joey@infodrom.north.de>"
gpg: Interrupt caught ... exiting
Testing this with some other signed mails, I found out, that this
behavior seems to arrive only if the signing key can be reached via a
signature chain and is not directly signed by me.
Similar problem with sign&encrypt:
gpg: public key decryption failed: Secret key not available
gpg: note: cipher algorithm 1 not found in preferences
gpg: key setup failed: g10err=-1073745528
gpg: old style signature
gpg: Signature made Wed Jul 2 10:39:23 1997 CEST using RSA key ID BA523901
gpg: Good signature from "TC TrustCenter, Hamburg, Germany, www.trustcenter.de;
+Organization Key; <info@trustcenter.de>"
gpg: Interrupt caught ... exiting
Here I also pressed Ctrl-C and the message is decrypted. Seems, that
gpg is searching for something, which isn't needed, because decryption
is done and the signature is checked...
Another problem: I tried to send a gpg encrypted message with mutt to
roland@spinnaker.rhein.de. There are two keys (a RSA and a DSS/DH key)
existing for this userid. When I try to send out this mail, mutt
starts
/usr/local/bin/gpgm --no-verbose --batch --with-colons --list-keys
which runs a long time (4 minutes now with 97% CPU time). I tried this
command out by hand and found out that this behavior seems to depend
on the --with-colons option (without this option gpgm outputs the keys
and exists in some seconds).
Ciao
Roland
--
* Internet: roland@spinnaker.rhein.de * Fido: 2:2450/42 *
PGP: 1024/DD08DD6D 2D E7 CC DE D5 8D 78 BE 3C A0 A4 F1 4B 09 CE AF