Looking up keys from a massive store
Rick van Rein
rick at openfortress.nl
Thu Aug 31 20:26:52 CEST 2017
> The keybox is the default for new installations (that is if there is no
> pubring.gpg) since 2.1. I implemented it so that (iirc) were able to do
> 20 signature verifications from a random set of keys out of 30000 keys
> within a second. Unfortunately recent changes to internal workings
> dropped the performance again.
> If you want to encrypt only, there may be a simpler way: The new option
> -F takes a file with a single key and encrypts to that key, without any
> need to access the public keyring.
Ah, that is a most useful addition :)
I also found the internal API after writing this and found that I can
load the keys, which is yet another way to get it done. Great!
> We use it for example in our Web Key
> Directory tools to do a run a challenge response protocol. See
> gnupg/tools/gpg-wks-server.c for some hints but I can also explain usage
> if you explain your protocol in more detail.
Thanks. I am still designing, so things are still fuzzy and looking
where they fit in :) The above is already quite helpful!
More information about the Gnupg-users