[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Challenge-response mail filters considered harmful

On Tue, Aug 05, 2003 at 10:36:01PM +0100, Karsten M. Self wrote:
> on Tue, Aug 05, 2003 at 09:50:34AM +0100, Colin Watson (cjwatson@debian.org) wrote:
> > On Mon, Aug 04, 2003 at 09:18:05PM -0700, Steve Lamb wrote:
> > >     Why when two entries in your .gnupg/gpg.conf file will do it
> > > just fine?
> > > 
> > > keyserver x-hkp://pgp.mit.edu
> > > keyserver-options auto-key-retrieve
> > 
> > I can see why Pigeon's approach might be preferable. I found
> > auto-key-retrieve annoying and turned it off because it slowed
> > things down *while I was reading mail*, which I want to be fast.
> > Doing that task as mail is retrieved is something I hadn't thought
> > of and would be far smoother for me.
> Given that a given key is only retrieved once, the penalty is
> front-loaded, and gets better.
> You can always abort the fetch with ^C.

I can, but I'm often reading mail over a relatively slow ssh link and it
takes me a few seconds for my brain to decide whether it's just a slow
connection or whether gpg is really sitting there trying to talk to a
keyserver. Trust me, I did consider this and it really does slow me down
significantly while I'm trying to get through the huge number of mails I
get a day in a sensible amount of time. I can always (and do, now and
then) retrieve keys explicitly in cases where I'm interested.

Likewise, I've turned off gpg's automatic trustdb check since I very
rarely care about the results. People I trust I also know, and these
days I've often signed their key too.


Colin Watson                                  [cjwatson@flatline.org.uk]

Reply to: