Key generation: is it possible to fail fast?
Bjarni Runar Einarsson
bre at pagekite.net
Mon Feb 20 10:50:32 CET 2017
-----BEGIN PGP SIGNED MESSAGE-----
Justus Winter <justus at g10code.com> wrote:
> Sorry, I didn't get the idea across. I meant to say that a
> frontend like the MUA can communicate that it started a key
> generation wizard to GnuPG running as a background service.
Thank you for the clarification. However, even this fails badly
in two ways:
1) User doesn't complete the form, aborts and then starts over -
except now the entropy pool has been drained.
2) Key generation is fully automatic, there's no form for the
user to fill out... but I still need to inform them that key
generation is happening and request they don't close the app
Either way, Werner is right, when the entropy is replentished too
slowly we're talking about key generation times well above 15
minutes. I've given up myself after half an hour and stopped
recommending 4k keys by default in Mailpile for this reason
The time spent in the wizard just doesn't matter that much.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
-----END PGP SIGNATURE-----
More information about the Gnupg-devel