Change s2k count?
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Thu Dec 3 17:46:03 CET 2009
On 12/03/2009 10:58 AM, David Shaw wrote:
> PGP calculates whatever count your computer can do in 1/10 of
> a second and uses that. It seems like a reasonable solution to
> me. If someone explicitly sets a --s2k-count, we'll use what
> they set. If they don't, we can do the 1/10-second calculation.
I like the elegance of this solution, but couldn't this calculation be
confounded by other load on the processor? For example, if i'm
generating a new key (or changing a passphrase) while also encoding
video, it would be a shame if gpg were to pick a too-low value.
I suppose i'm suggesting that it would be important to check times(2)
instead of gettimeofday(2) (on POSIX systems, anyway, i dunno about
win32), but also that it would be good to retain a lower-bound as a
sanity check (perhaps the current value could be a lower-bound unless
explicitly specified by the user).
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 891 bytes
Desc: OpenPGP digital signature
More information about the Gnupg-devel