SecurityInnovation / PGPy

Pretty Good Privacy for Python
BSD 3-Clause "New" or "Revised" License

more efficient handling of flooded certificates #290

Open dkg opened 4 years ago

dkg commented 4 years ago

Some certificates are flooded with garbage certifications. Using pgpy.PGPKey.from_file on such a certificate takes significantly longer than it should (e.g. 90 seconds to load a 28MiB certificate).

I suspect (though I have not profiled) the main cost has to do with cryptographic verification, which isn't necessarily desired. It would be great to be able to load/parse such a certificate quickly, to be able to process or filter out certifications based on non-cryptographic properties.

Commod0re commented 4 years ago

Do we have an example key like this I can look at? In my experience, loading large keyrings is purely IO bound; would like to make sure that's still the case.

On Sat, Oct 12, 2019, 12:50 AM dkg notifications@github.com wrote:

Some certificates are flooded with garbage certifications (https://dkg.fifthhorseman.net/blog/community-impact-openpgp-cert-flooding.html). Using pgpy.PGPKey.from_file on such a certificate takes significantly longer than it should (e.g. 90 seconds to load a 28MiB certificate).

I suspect (though I have not profiled) the main cost has to do with cryptographic verification, which isn't necessarily desired. It would be great to be able to load/parse such a certificate quickly, to be able to process or filter out certifications based on non-cryptographic properties.


dkg commented 4 years ago

Sure, you can look at my own certificate which is flooded with 22MiB of garbage on the SKS network.
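
The kind of crypto-free pass the issue asks for, as an added example that is not part of the thread and not PGPy code: it walks RFC 4880 packet framing only and drops v4 certifications whose issuer subpacket names a key other than the certificate's own. The function names and the `own_keyid` parameter (the 8-byte key ID of the primary key, supplied by the caller) are assumptions of this example.

```python
# Added example, not PGPy code; function and parameter names are illustrative.
def read_length(buf, pos, two_octet_max):
    """Decode an RFC 4880 variable length at pos; return (length, next_pos)."""
    first = buf[pos]
    if first < 192:
        return first, pos + 1
    if first <= two_octet_max:
        return ((first - 192) << 8) + buf[pos + 1] + 192, pos + 2
    if first == 255:
        return int.from_bytes(buf[pos + 1:pos + 5], "big"), pos + 5
    raise ValueError("partial body length not expected in a certificate")

def iter_packets(data):
    """Yield (tag, raw, body) per packet from header framing alone."""
    i = 0
    while i < len(data):
        start, hdr = i, data[i]
        if not (hdr & 0x80) or (hdr & 0x43) == 0x03:  # not a header / indeterminate length
            raise ValueError(f"unsupported packet header at offset {i}")
        if hdr & 0x40:                                # new-format header
            tag, (n, i) = hdr & 0x3F, read_length(data, i + 1, 223)
        else:                                         # old-format header
            tag, width = (hdr >> 2) & 0x0F, 1 << (hdr & 3)
            n, i = int.from_bytes(data[i + 1:i + 1 + width], "big"), i + 1 + width
        if i + n > len(data):
            raise ValueError("truncated packet")
        yield tag, data[start:i + n], data[i:i + n]
        i += n

def issuers(body):
    """Key IDs claimed (not verified) by issuer subpackets, type 16, of a v4 signature."""
    found, pos = set(), 4
    for _ in range(2):                                # hashed area, then unhashed area
        end = pos + 2 + int.from_bytes(body[pos:pos + 2], "big")
        pos += 2
        while pos < end:
            n, pos = read_length(body, pos, 254)      # length covers type octet + data
            if n == 0 or pos + n > end:
                raise ValueError("malformed subpacket")
            if (body[pos] & 0x7F) == 16:              # mask off the critical bit
                found.add(body[pos + 1:pos + 9])
            pos += n
    return found

def drop_third_party_certs(data, own_keyid):
    """Keep all packets except v4 certifications (0x10-0x13) by other issuers."""
    def foreign(tag, body):
        return (tag == 2 and body[:1] == b"\x04" and b"\x10" <= body[1:2] <= b"\x13"
                and own_keyid not in issuers(body))
    return b"".join(raw for tag, raw, body in iter_packets(data) if not foreign(tag, body))
```

The issuer key ID is an unauthenticated claim, so signatures that survive this filter still need cryptographic verification before they are trusted.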