Change s2k count?
Werner Koch
wk at gnupg.org
Fri Dec 4 12:00:42 CET 2009
On Thu, 03 Dec 2009 10:54:32 +0100, Werner Koch wrote:
> For passphrase protected secret keys, passphrase caching helps to
> avoid delays.
That is of course a wrong statement. Passphrase caching does not help
because the passphrase is cached and not the derived protection key.
In this light a 100ms delay is too long. I sometimes get messages
with wildcard keyids. Thus gpg needs to do a couple of trial
decryption and for say 5 available secret keys, this adds up to 500ms
- definitely too long for quickly browsing your mails.
With gpg-agent we could implement a different way of caching but first
we need to integrate gpg2 better with gpg-agent.
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
More information about the Gnupg-devel
mailing list