From: Jani Nikula <jani@nikula.org>
To: David Bremner <david@tethera.net>,
Sebastian Schwarz <seschwar@gmail.com>,
notmuch@notmuchmail.org
Cc: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Subject: Re: [RFE] Call `gpg --recv-keys` asynchronously
Date: Sun, 05 Mar 2017 13:49:49 +0200 [thread overview]
Message-ID: <8760jouen6.fsf@nikula.org> (raw)
In-Reply-To: <8760jtx484.fsf@tethera.net>
On Tue, 28 Feb 2017, David Bremner <david@tethera.net> wrote:
> Sebastian Schwarz <seschwar@gmail.com> writes:
>> Even with all keys already present signature verification takes
>> some time as well. It would be nice if this was done
>> asynchronously as well. This would greatly improve the speed of
>> opening threads with large numbers of signed messages.
>
> Offhand, that sounds even harder.
Indeed. I think this could only be sensibly considered if we ever
decided to support decryption/verification in notmuch-emacs.
> With a noticable loss in security, we could cache the verifications in
> the database so the cost is only paid once.
From implementation POV one downside is that a read-only operation would
have to be turned into a read-write operation to store the cached result
in the database.
Assuming the database is as secure as the key store, I suppose the
reduction in security is related to key expiry and revocation. Those
bring in the problem of invalidating the cached verification. All of
this is something that has to be opt-in, judged by the user.
Even if the mechanisms might be fairly straightforward to implement, I'm
not really fond of the idea of adding somewhat complicated features not
enabled by default for all users. or features we couldn't even recommend
for people who can't make the judgement themselves.
BR,
Jani.
next prev parent reply other threads:[~2017-03-05 11:49 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-02-28 20:35 [RFE] Call `gpg --recv-keys` asynchronously Steven Allen
2017-02-28 22:15 ` Sebastian Schwarz
2017-02-28 23:52 ` David Bremner
2017-03-01 2:18 ` David Bremner
2017-03-01 16:13 ` Sebastian Schwarz
2017-03-05 11:49 ` Jani Nikula [this message]
2017-03-01 0:17 ` Daniel Kahn Gillmor
2021-05-05 14:01 ` David Bremner
2021-05-05 16:12 ` Steven Allen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://notmuchmail.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=8760jouen6.fsf@nikula.org \
--to=jani@nikula.org \
--cc=david@tethera.net \
--cc=dkg@fifthhorseman.net \
--cc=notmuch@notmuchmail.org \
--cc=seschwar@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://yhetil.org/notmuch.git/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).