David Shaw on Wed, 26 Feb 2003 23:50:59 -0500


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] GnuPG 1.2.1 trustdb checks for every pubkey import?


On Wed, Feb 26, 2003 at 10:38:51PM -0500, gabriel rosenkoetter wrote:
> Every time a key is added to my public keyring, GnuPG forces a
> trustdb check. Is anyone else experiencing this aberrant behavior?
> 
> Using --no-auto-check-trustdb makes reading mail with mutt practical
> again. Using --no-expensive-trust-checks has no visible effect
> (still). Exporting my trust, blowing away trustdb.gpg, and
> reimporting my trust doesn't change this behavior.
> 
> There is no sane explanation for needing to do a trustdb check with
> every imported key. If that were going to be necessary, then it
> shouldn't ever have been modularized out.

When a new key comes into the keyring, a trustdb check is necessary to
find if it is valid or not.  --no-auto-check-trustdb just defers that
check until you do it yourself.  Many people use
--no-auto-check-trustdb and then run --check-trustdb out of cron late
at night.

That said, this:

> gpg --check-trustdb  109.24s user 20.77s system 80% cpu 2:40.70 total

is pretty bizarre.

How many keys are on your keyring, and more importantly, did you
recently upgrade from an earlier version of GnuPG?

David

Attachment: pgp6gXYFcC3po.pgp
Description: PGP signature