GnuPG, Winblows, Speed, Key Management

Toni Mueller support@oeko.net
Wed, 27 Dec 2000 18:30:05 +0100 



Hello Brian,


thanks for the answer.

On Wed, Dec 27, 2000 at 10:49:42AM -0600, Brian Minton wrote:

> On Wed, Dec 27, 2000 at 01:49:23PM +0100, Toni Mueller wrote:

> > - Problem #1: There appears to be no good Winblows interface for it,

> I think that is being worked on.  for instance, there was some discussion

> about WinPT (I think that is right)


I'm just testing out WinPT, but this is no real substitute for a
program that just places a new encryption button in the button bar
of your favourite program, eg. next to "print message", so users
have a minimal learning curve.


> > - Problem #2: It's dog slow. I have still less than 300 keys in my

> I have more experience with pgp for linux, so this is not completely relevant,


I should have been clearer, but I have almost no experience using
Winblows, but run almost exclusively on Linux and BSD for myself.
I'm talking about my Linux experience here, and about problems
I see when advising customers on how to go about encryption.


> but the pgp I have is much slower than gpg.  like it will take about 75

> seconds to extract a key, all the while running at full cpu usage...


A friend of mine has to wait only a few seconds under Linux and with
PGP and with some 2k keys, but several minutes using gpg on the same
machine and only a few hundred keys. I have only 250-300 keys yet,
but - as said - expect that to double (triple?) very soon.


> > - Problem #3: I have adjusted gpg to fetch keys on demand from a

> >   keyserver. My experience is that these key servers apparently

... using wwwkeys.eu.pgp.net which unfortunately has only a few of
the Debian keyring or other US-centric keys.

> I have encountered this problem too, but it is the same with pgp for windows,


Sorry here ... I mixed it up again. The problem for me is only
general GPG/PGP usability here. I can expect the average Winblows
user to type in a passphrase _once_ a day, but can't expect them to
diagnose that a key server is hanging (and not their Exchange), and
how to adjust to another key server, or how to skip en/decryption.


> as far as I have seen.  Theoretically, the keyservers should be more in sync

> with each other, but in my experience, certserver.pgp.com is the most


I expected this, but in fact have seen keys not distributed across
them for some 2 months (which I almost equal to being non-functional).

> > - Problem #4: What to do in the face of massive distribution and

> >   promotion of Sphinx which is also _not_ interoperable with any

> >   kind of PGP?

> 

> pardon my ignorance, but I've never heard of Sphinx, what is it?


http://www.bsi.de/aufgaben/projekte/sphinx/index.htm

Especially if you grok German there should be a good deal of
material, but there is also some English stuff (also advertised
on their homepage www.bsi.de).


I'm still not on the list, please Cc me for answers. Thank you!


Best Regards,
--Toni++


-- 
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of  "unsubscribe"  to gnupg-users-request@gnupg.org