GPG 1.3.1: Can't import key

David Shaw dshaw@jabberwocky.com
Thu Dec 5 03:20:02 2002


On Thu, Dec 05, 2002 at 01:47:03AM +0100, Michael Nahrath wrote:
> David Shaw <dshaw@jabberwocky.com> schrieb am 2002-12-04 23:44 Uhr:
> 
> > On Wed, Dec 04, 2002 at 10:58:59PM +0100, Michael Nahrath wrote:
> >> Last night I compiled GPG 1.3.1 on MacOS 10.2.2.
> >> Works fine until now.
> >> 
> >> On verifying the signature on David's recent posting my Mail-Plugin got
> >> stuck, so I tried to import his key 0x10F4B2AA on the commandline.
> > 
> > [..]
> > 
> >> Problem with GPG 1.3.1, my prefs, the keyserver or is it Mac specific?
> > 
> > None of the above.  That key is an Elgamal signing key.  They're slow,
> > and I mean *really* slow.
> 
> I don't believe this is the reason. The problem is gone since I deleted the
> two revoked signatures. Now I can work normally with the key.
> 
> Slow it is. Verifying David's Signature needs more than 10 seconds
> (with GPG using about 70% of my G4-500 CPU) whereas verifying other attached
> signatures (eg. Jason's and Sebastina's in this list) need less than 3
> seconds. 

Yes, they have DSA keys.

> But before deleting them those 2 signatures seem to have corrupted my whole
> keyring.

Not corrupted.  David's key has several user ID revocations on it.
Elgamal is a very slow signing algorithm, and validating those
revocation self-signatures takes time.

When you deleted one of them, you caused the signature cache to be
updated, so the sigs didn't need to be checked again.  You could have
deleted anything from that key or run --rebuild-keydb-caches and
gotten the same result.

When GnuPG imports a new key, it automatically caches signatures, but
does not cache user ID revocations.

David

-- 
   David Shaw  |  dshaw@jabberwocky.com  |  WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson