Managing the WoT with GPG
Neal H. Walfield
neal at walfield.org
Fri Jun 23 15:50:27 CEST 2017
At Fri, 23 Jun 2017 15:35:05 +0200,
martin f krafft wrote:
> also sprach Werner Koch <wk at gnupg.org> [2017-06-22 19:02 +0200]:
> > For a key listing this means computing it for every listed key. And the
> > majority of frontends first do a key listing and show the validity of
> > the keys before you can encrypt something.
>
> Obviously, one could work with caching here…
>
> Running --check-trustdb in the background once a day is doable, for
> sure.
>
> I guess what I'd really like is a way to run --update-trustdb just
> for a specific key, and a way to do that automatically when using
> a key, e.g. to verify or encrypt to…
Ensuring that a cache is consistent is *hard*. I don't think we want
to add complexity (nevermind a cache!) to this security-critical
functionality.
More information about the Gnupg-users
mailing list