Looking up keys from a massive store

Rick van Rein rick at openfortress.nl
Wed Aug 30 21:06:19 CEST 2017


Hello,

I am investigating how to use GnuPG in a content_filter.  I found an old
post

https://lists.gt.net/gnupg/users/53184

where the linear search through the keyring was mentioned as a scaling
problem
for the number of keys.  That would probably hit us too.  If I've seen it
correctly, the keybox format mentioned there is not part of today's gnupg.

What key search method would you recommend that is scalable to many keys and
to many signatures being placed in parallel?  Or is it perhaps an idea to
create public keyrings just for the purpose of one email being sent?  [No
idea if that is possible at all, let alone how, just thinking out loud.]

FWIW, the intention is to fill the LDAP store with keys that are submitted
over email, and accepted based on DKIM signatures on the email.  Email that
is sent would be automatically encrypted with PGP, and DKIM would sign the
entire message in the mail server.

https://github.com/arpa2/abactis

Thanks,

Rick van Rein
OpenFortres / ARPA2



More information about the Gnupg-users mailing list