Question about --rebuild-keydb-caches

Michael Nahrath michael@nahrath.de
Tue Apr 22 11:39:52 2003


This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enigA8C166A754FDF243C0F93E9F
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Ingo Klöcker wrote:

>>time gpg --check-trustdb
> 
> gpg: checking at depth 0 signed=67 ot(-/q/n/m/f/u)=0/0/0/0/0/5
> gpg: checking at depth 1 signed=64 ot(-/q/n/m/f/u)=57/0/0/6/4/0
> gpg: checking at depth 2 signed=11 ot(-/q/n/m/f/u)=37/0/0/0/1/0
> gpg: checking at depth 3 signed=0 ot(-/q/n/m/f/u)=0/0/0/0/1/0
> gpg: next trustdb check due at 2003-05-31
> 
> real    0m1.871s
> user    0m1.230s
> sys     0m0.420s
> 
> So user time went down nearly 75%.

Did you try this a second time as well?
Did you try "time gpg --check-trustdb" afterward?

> My question is now whether there was a problem with my keyring (I have 
> rebuild the caches several times since the days of 1.0.6) 

Probably there are only one or two keys that cause the delay.

Try "gpg --list-keys | egrep pub\ \ ....G" to check for ElGamal Primary
keys. They are a real DOS attack to each keyring.

> or is it 
> always useful to run --rebuild-keydb-caches after larger changes in the 
> keyring. 

AFAIHU: yes

> In the latter case the documentation needs to be improved. 

ACK.

Greeting, Michi

--------------enigA8C166A754FDF243C0F93E9F
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2rc2 (Darwin)
Comment: http://www.biglumber.com/x/web?qs=0x9A4C704C

iEYEARECAAYFAj6ieksACgkQ19dRf5pMcEwo+QCfUt+Hcs8gJZScd0ge2i0OScA0
NBEAoOzsi4IFY3ouxmnGS5lzLdbEiWVc
=cPqE
-----END PGP SIGNATURE-----

--------------enigA8C166A754FDF243C0F93E9F--