GnuPG 1.2.1 trustdb checks for every pubkey import?
Thu Feb 27 05:10:01 2003
Content-Type: text/plain; charset=us-ascii
Every time a key is added to my public keyring, GnuPG forces a
trustdb check. Has anyone else experienced this at least absurd and
arguably broken behavior?
Using --no-auto-check-trustdb makes reading mail with mutt practical
again. Using --no-expensive-trust-checks has no visible effect
(but that's probably to be expected based on its entry in the man
page). Exporting my trust, blowing away trustdb.gpg, and
reimporting my trust doesn't change this behavior.
There is no sane explanation for needing to do a trustdb check with
every imported key. If that were going to be necessary, then it
shouldn't ever have been modularized out.
I don't think I have an excessively large web of trust, but what do
For reference, here's what a --check-trustdb looks like for me these
uriel:~% time gpg --check-trustdb
gpg: checking at depth 0 signed=3D46 ot(-/q/n/m/f/u)=3D0/0/0/0/0/1
gpg: checking at depth 1 signed=3D84 ot(-/q/n/m/f/u)=3D0/0/0/17/29/0
gpg: checking at depth 2 signed=3D288 ot(-/q/n/m/f/u)=3D0/0/0/72/7/0
gpg: checking at depth 3 signed=3D181 ot(-/q/n/m/f/u)=3D0/74/0/22/1/0
gpg: checking at depth 4 signed=3D0 ot(-/q/n/m/f/u)=3D0/0/0/0/1/0
gpg: next trustdb check due at 2003-03-07
gpg --check-trustdb 109.24s user 20.77s system 80% cpu 2:40.70 total
This is on a PowerPC G3 (a 750, running, I believe, at 300 MHz,
but it's been a long time since I thought about it and NetBSD/macppc
doesn't report cycle speed in dmesg(8)) with 288 MBs (says dmesg(8);
I don't recall exactly what DIMMs I've got in there) of memory.
The disk isn't the fastest around, but this process is clearly
(based on zsh's time builtin's output and also observation of top(1)
while the thing is running) cpu-bound, so that doesn't matter
gpg (GnuPG) 1.2.1
Copyright (C) 2002 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.
Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA, ELG
Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH
Hash: MD5, SHA1, RIPEMD160, TIGER192
Compress: Uncompressed, ZIP, ZLIB
NetBSD uriel 1.5.3_ALPHA NetBSD 1.5.3_ALPHA (URIEL) #2: Wed Jan 16 07:12:29=
EST 2002 email@example.com:/usr/src/sys/arch/macppc/compile/URIEL =
There doesn't seem to be any discussion of this on either this list
or gnupg-devel (searched for "1.2.1 trustdb" using
http://marc.theaimsgroup.com/), but I'd be glad to be pointed at an
archive of a previous discussion if there is one, having just
subscribed to this mailing list.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (NetBSD)
-----END PGP SIGNATURE-----