I deleted 80 % of my keyring, but my keybox file isn't shrinking

ilf ilf at zeromail.org
Wed Jul 17 23:41:35 CEST 2019

Over the years, my keyring grew and got rather big. So I did some 
cleaning and deleted some revoked and otherwise useless certificates.

(If you wonder how, see this script - feedback welcome: 

This got my keyring down from 4.600 to 1.000 keys:

> % kbxutil --stats ~/.gnupg.bak/pubring.kbx | grep -e "Total" -e "openpgp"
> Total number of blobs:     4656
>               openpgp:     4617
> % kbxutil --stats ~/.gnupg/pubring.kbx | grep -e "Total" -e "openpgp"
> Total number of blobs:     1041
>               openpgp:     1002

But the keybox file didn't get any smaller:

> % du -h ~/.gnupg/pubring.kbx ~/.gnupg.bak/pubring.kbx
> 99M     ~/.gnupg/pubring.kbx
> 99M     ~/.gnupg.bak/pubring.kbx

Why is this?

I really don't understand keybox well enough to answer this myself.


PS: This could probably be updated:

> Well, OpenPGP keys are not implemented, gpg still used the keyring 
> file pubring.gpg.



If you upload your address book to "the cloud", I don't want to be in it.

More information about the Gnupg-users mailing list