Large keys and the keybox

Werner Koch wk at
Fri Oct 10 11:35:28 CEST 2014

On Thu,  9 Oct 2014 21:47, dkg at said:

> Does this limit size of an entire OpenPGP certificate, or just the key
> itself?

The certificate (aka keyblock) plus some keybox created meta

I'd really like to have a limit here although all gpg versions don't
have a real memory limit at all (the keyblock is parsed into a linked
list and thus a large keyblock (i.e. with images) may eat up lots of
memory.  Which is the reason why it might be useful to add an API to
gpgme to set an rlimit for GnuPG processes.

Having a limit on import, as we have now with the keybox, would sort out
possible made up large keys (modulo schmorpness).



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gnupg-devel mailing list