slow signature verification with certain keys
Werner Koch
wk@gnupg.org
Fri Aug 31 09:29:01 2001
On Thu, 30 Aug 2001 16:24:47 -0500, Steven Barker said:
> I have noticed that verifying the signatures made by certain keys take much
> longer than average (45sec to a minute on my P3 550). One example is the key
> used to sign the attached message. I've examined the author's key as best I
You mean grisu@db.debian.org?
The slow verification should only happen the first ti e you do this.
He has a lot of signature on his key and the Web of Trust has to be
done (yes, I know that it is far too slow and I have plans to rewrite
that whole thing). This takes a lot of time.
Since 1.0.5 key signature are checked everytime the key is used; this
makes it really slow. Try that hint from the NEWS file:
* The verification status of self-signatures are now cached. To
increase the speed of key list operations for existing keys you
can do the following in your GnuPG homedir (~/.gnupg):
$ cp pubring.gpg pubring.gpg.save && $ gpg --export-all >x && \
rm pubring.gpg && gpg --import x
Only v4 keys (i.e not the old RSA keys) benefit from this caching.
> Is there a ligitimate reason it should take much longer to verify his
> signatures, or is it a bug?
Another reason might be that there is one key signature done with an
ElGamal signing key - that is much slower than DSA or RSA.
Werner
--
Werner Koch Omnis enim res, quae dando non deficit, dum habetur
g10 Code GmbH et non datur, nondum habetur, quomodo habenda est.
Privacy Solutions -- Augustinus