Managing the WoT with GPG

Neal H. Walfield neal at
Fri Jun 23 15:50:27 CEST 2017

At Fri, 23 Jun 2017 15:35:05 +0200,
martin f krafft wrote:
> also sprach Werner Koch <wk at> [2017-06-22 19:02 +0200]:
> > For a key listing this means computing it for every listed key.  And the
> > majority of frontends first do a key listing and show the validity of
> > the keys before you can encrypt something.
> Obviously, one could work with caching here…
> Running --check-trustdb in the background once a day is doable, for
> sure.
> I guess what I'd really like is a way to run --update-trustdb just
> for a specific key, and a way to do that automatically when using
> a key, e.g. to verify or encrypt to…

Ensuring that a cache is consistent is *hard*.  I don't think we want
to add complexity (nevermind a cache!) to this security-critical

More information about the Gnupg-users mailing list