gpg --refresh with large keyrings and hkps in 2.1.1
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Wed Dec 17 23:42:50 CET 2014
On 12/17/2014 04:34 PM, Werner Koch wrote:
> On Wed, 17 Dec 2014 19:58, kristian.fiskerstrand at sumptuouscapital.com
> said:
>
>> Hmm, now that I'm back on my home network it seems to fully complete
>> refresh to hkps pool. Perhaps a network issue from my last location
>
> But it shows that we need better error messages shown directly by gpg
> and not maybe somewhere in the dirmngr log. Will for sure safe us time
> while helping users.
Agreed. It seems like "gpg --refresh" should also handle errors more
gracefully. If there is a persistent failure at a given key, maybe it
should restart the batched refresh after that failed fetch or something?
I'm not sure what the right behavior would be, though.
perhaps a "gpg --refresh" could select keys in a randomized order so
that a manual restart wouldn't always get stuck in the same place? (of
course, that would make reproducing bugs related to key fetch order
pretty frustrating)
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 949 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20141217/f450210d/attachment.sig>
More information about the Gnupg-devel
mailing list