Tue Aug 20 01:02:02 2002

Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On 08/19, Jason Harris wrote:
> > I tried to email the author (as there's no mailing list indicated on the
> > webpage), but got no answer, and the webpage is not accessible right
> > now; but perhaps somebody here has found answers:=20

Sorry I missed your email.  And sorry about the site being down, there were
2 very silly problems in the last ~24 hours.  It's back up.

> > Subject: signed.db.gz and keynames.db.gz=20
> >=20
> > Is the signed.db file on
> > up to date, or do I need to re-download it from panic? How often do you=
> > update the 'signed' file? Is it possible to get mail announcement when=

The date listed next to the link to the file at is the date the file was updated.
No, I haven't been doing it often.  I am willing to set up mail
announcements if there's enough interest, but it would be nicer if Jason
generated them automatically.

> I asked similar questions before but didn't receive a reply either, IIRC.

Oops :/

> The keyanalyze preprocess.keys file doesn't have uid strings in it,
> currently.  I still haven't used sigtrace, but I generate pgpring -f -S
> listings each time I run my intermediate keyanalyze reports.  That
> output was 653,859,245 bytes on the 17th, but compresses nicely -
> under 200MB.  (Removing the fingerprints helps too.)  I can also see
> about providing xdelta diffs for the data.
> Alternately, I will _consider_ creating the sigtrace databases with
> each keyanalyze report, depending on the complexity.

The data is extremely simple.  signed.db is a perl tied hash file, where
the hash keys are gpg/pgp key IDs, and the values are a list of IDs that
have signed that key, delimited by spaces.

keynames.db is another perl tied hash where the hash keys are gpg/pgp key
IDs, and the values are a string describing it ("Darxus <Darxus@ChaosReigns=

The advantage of this data format is that there is *no* data
loading/parsing time, which is pretty incredible for the amount of data
it's handling.  Tied hashes are wonderful.

I have been getting a lot (relatively) of email about this thing lately.
It's nice that it's starting to seem like people are actually using it.  I
do need to document, or I guess clean up and release source to generate the

"It is better to die on your feet than to live on your knees."
 - Emiliano Zapata, Mexican Revolution Leader

Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see