On Mon, Apr 24, 2006 at 10:09:53PM +0400, George Hazan wrote: > Hello, Michal! > Mon, 24 Apr 2006 17:17:47 +0200 you wrote: > > >>>>Even on a PIV/2800 with 1GB RAM it takes about 200-300 msec to launch > >>>>the gnupg.exe and process its result. > MvV>>> Than the system (windows) should be rewritten, not the program. > >>If the antivirus usage is a corporate policy, you can't change anything. > >>And that AV checks every starting program, agree? > MvV> Then the problem still is not in the exe, right? > > Surely it is. From almost all points of view calling EXE only causes a lot > of absolutely useless activity: you should initialize all keyrings, verify > users, signatures etc. every time you run a program, instead of the single > context creation, which can work then for hours.
Well, if I know, it verifies only the needed ones, not all, and when it uses the key. And, anyway, I think the time to load is not caused by the EXE, but by the antivirus you speak about. And the encryption itself is much more time consuming than the loading, at last without the antivirus you speak about. > MvV> You guess, it obeys one of the unix rules - one task = one program. > > Fortunately not all program authors follow this rule even under unix :) > That's why we have zlib, libssl, libpng, etc. But they do not do anything, they are tool. This one does. And could you imagine, what would happen, if you started up this library, loaded the keys and let it running. Then you just marked a key as untrusted. What would happen? It would make some kind of data corrupt, or in the best case, would take the key still as trusted. > MvV> I do not thing the authors will want to disobey this rule because of > MvV> your, not too well acting, system. > > Neither me nor my users don't use unices. I have to find the solution for > that concrete situation, and I just asked for some help... If there would > be another free library which can help me to encrypt messages, I'll be glad > to use it, but right now I've found only GNUPG. > > MvV> By the way, there is something like PGP, which I think provides a lib. > > Yes, but PGP Desktop (which includes a very useful DLL) is the commercial > software. It would be quite strange to force users to pay money to be able > to use a freeware, right? Well, I already have seen this somewhere, I do not remember what client id did. You can have one preloaded instance of gpg running, after use, in the background, preload another (it would be fast enought), or encrypt on background, while user is typping and send after the, quite small delay, but letting him write the new one. By the way, I somehow managed to get into some internal shell of it, maybe it supports encrypting messages and not turning it off, but I do not know for sure and I do not remember the switch. Anyway, GPG was designed to run under UNIX systems, where launching a binary is really fast (it has to be, since many good application use external programs for different actions, which menas configurability and not duplexing of code) and then it was ported to windows. Windows is not the main target platform for this, as I guess. (It is used from commandline, for example, which is quite a problem there) -- NAT should extinkt like dinosaurs did. Michal "vorner" Vaner
pgps9Rwg4H9z5.pgp
Description: PGP signature
