On Tue, 13 Aug 2019 09:54, gnupg-users@gnupg.org said: > The bug, however, is in the program that chokes on poisoned keys!
Nope. This is a long standing DoS protection by limiting the total length of a keyblock. The diagnostics were a bit misleading, though. The time it took to process all these signatures during importing is due to a fix and out of order keyblock functions which has been enabled by default in 2.1. It should be obvious that checking several thousands of signatures and finding the matching user-id takes its time. Anyway, given that these keys are real the approach with 2.2.17 is to auto-retry an import with import-clean etc. if the keyblock size hits the size limit. For keyserver imports import-clean is also the default. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
