GnuPG, Winblows, Speed, Key Management

Toni Mueller
Wed, 27 Dec 2000 18:30:05 +0100

Hello Brian,

thanks for the answer.

On Wed, Dec 27, 2000 at 10:49:42AM -0600, Brian Minton wrote:

> On Wed, Dec 27, 2000 at 01:49:23PM +0100, Toni Mueller wrote:
> > - Problem #1: There appears to be no good Winblows interface for it,
> I think that is being worked on. for instance, there was some discussion
> about WinPT (I think that is right)
I'm just testing out WinPT, but this is no real substitute for a program that just places a new encryption button in the button bar of your favourite program, eg. next to "print message", so users have a minimal learning curve.
> > - Problem #2: It's dog slow. I have still less than 300 keys in my
> I have more experience with pgp for linux, so this is not completely relevant,
I should have been clearer, but I have almost no experience using Winblows, but run almost exclusively on Linux and BSD for myself. I'm talking about my Linux experience here, and about problems I see when advising customers on how to go about encryption.
> but the pgp I have is much slower than gpg. like it will take about 75
> seconds to extract a key, all the while running at full cpu usage...
A friend of mine has to wait only a few seconds under Linux and with PGP and with some 2k keys, but several minutes using gpg on the same machine and only a few hundred keys. I have only 250-300 keys yet, but - as said - expect that to double (triple?) very soon.
> > - Problem #3: I have adjusted gpg to fetch keys on demand from a
> > keyserver. My experience is that these key servers apparently
... using which unfortunately has only a few of the Debian keyring or other US-centric keys.
> I have encountered this problem too, but it is the same with pgp for windows,
Sorry here ... I mixed it up again. The problem for me is only general GPG/PGP usability here. I can expect the average Winblows user to type in a passphrase _once_ a day, but can't expect them to diagnose that a key server is hanging (and not their Exchange), and how to adjust to another key server, or how to skip en/decryption.
> as far as I have seen. Theoretically, the keyservers should be more in sync
> with each other, but in my experience, is the most
I expected this, but in fact have seen keys not distributed across them for some 2 months (which I almost equal to being non-functional).
> > - Problem #4: What to do in the face of massive distribution and
> > promotion of Sphinx which is also _not_ interoperable with any
> > kind of PGP?
> pardon my ignorance, but I've never heard of Sphinx, what is it? Especially if you grok German there should be a good deal of material, but there is also some English stuff (also advertised on their homepage I'm still not on the list, please Cc me for answers. Thank you! Best Regards, --Toni++ -- Archive is at - Unsubscribe by sending mail with a subject of "unsubscribe" to