Re: gpg and trustdb very slow
Aaron Lehmann wrote:
> On Mon, Sep 17, 2001 at 11:54:56PM -0400, Joey Hess wrote:
> > Has anyone else noticed that using gpg with debian-keyring 2001.09.03
> > results in excessively slow trustdb-related things?
>
> This is exactly what I was complaining about on IRC a few days ago. I
> simply am not going to use the Debian keyring if the precence of so
> many keys causes verifying a single mail to take barely-finite lengths
> of time. That's too bad, since there's a lot to be gained by actually
> verifying Debian signatures.
I should note that one workaround is to add --always-trust to your gpg
command line. At your own risk, but it does completly eliminate the long
trustdb step, reducing signature verification to its former speed.
I _hope_ that after --list-keys forces it to insert each and every key
into the trust db and do all the long calculations, and hopefully cache
them, the speed issue will be dealt with. We'll see; after 7 hours gpg
is still churning away on that command.
It'd be nice if someone would look at optimizing it sometime; the
behavior I see with strace is absurd, and could easily be done with no
syscalls, at least, by just reading the whole trustdb into memory.
[FWIW, this is a strace of a single gpg verify operation. I didn't even
let it run all the way though, giving up when the strace log reached 700
MB:
joey@kite:~>grep llseek log |wc -l
5036905
]
--
see shy jo
Reply to: