Question about --rebuild-keydb-caches
Michael Nahrath
michael@nahrath.de
Tue Apr 22 11:39:52 2003
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enigA8C166A754FDF243C0F93E9F
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Ingo Klöcker wrote:
>>time gpg --check-trustdb
>
> gpg: checking at depth 0 signed=67 ot(-/q/n/m/f/u)=0/0/0/0/0/5
> gpg: checking at depth 1 signed=64 ot(-/q/n/m/f/u)=57/0/0/6/4/0
> gpg: checking at depth 2 signed=11 ot(-/q/n/m/f/u)=37/0/0/0/1/0
> gpg: checking at depth 3 signed=0 ot(-/q/n/m/f/u)=0/0/0/0/1/0
> gpg: next trustdb check due at 2003-05-31
>
> real 0m1.871s
> user 0m1.230s
> sys 0m0.420s
>
> So user time went down nearly 75%.
Did you try this a second time as well?
Did you try "time gpg --check-trustdb" afterward?
> My question is now whether there was a problem with my keyring (I have
> rebuild the caches several times since the days of 1.0.6)
Probably there are only one or two keys that cause the delay.
Try "gpg --list-keys | egrep pub\ \ ....G" to check for ElGamal Primary
keys. They are a real DOS attack to each keyring.
> or is it
> always useful to run --rebuild-keydb-caches after larger changes in the
> keyring.
AFAIHU: yes
> In the latter case the documentation needs to be improved.
ACK.
Greeting, Michi
--------------enigA8C166A754FDF243C0F93E9F
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2rc2 (Darwin)
Comment: http://www.biglumber.com/x/web?qs=0x9A4C704C
iEYEARECAAYFAj6ieksACgkQ19dRf5pMcEwo+QCfUt+Hcs8gJZScd0ge2i0OScA0
NBEAoOzsi4IFY3ouxmnGS5lzLdbEiWVc
=cPqE
-----END PGP SIGNATURE-----
--------------enigA8C166A754FDF243C0F93E9F--