Aaron Lehmann wrote: > On Mon, Sep 17, 2001 at 11:54:56PM -0400, Joey Hess wrote: > > Has anyone else noticed that using gpg with debian-keyring 2001.09.03 > > results in excessively slow trustdb-related things? > > This is exactly what I was complaining about on IRC a few days ago. I > simply am not going to use the Debian keyring if the precence of so > many keys causes verifying a single mail to take barely-finite lengths > of time. That's too bad, since there's a lot to be gained by actually > verifying Debian signatures.
I should note that one workaround is to add --always-trust to your gpg command line. At your own risk, but it does completly eliminate the long trustdb step, reducing signature verification to its former speed. I _hope_ that after --list-keys forces it to insert each and every key into the trust db and do all the long calculations, and hopefully cache them, the speed issue will be dealt with. We'll see; after 7 hours gpg is still churning away on that command. It'd be nice if someone would look at optimizing it sometime; the behavior I see with strace is absurd, and could easily be done with no syscalls, at least, by just reading the whole trustdb into memory. [FWIW, this is a strace of a single gpg verify operation. I didn't even let it run all the way though, giving up when the strace log reached 700 MB: [EMAIL PROTECTED]:~>grep llseek log |wc -l 5036905 ] -- see shy jo
