[imp] Public PGP Server Timeout?

Michael M Slusarz slusarz at bigworm.colorado.edu
Thu Jan 30 13:21:48 PST 2003


Quoting Rick Emery <rick at emery.homelinux.net>:

| Is there a way to set a timeout when verifying the pgp signature of a
| message
| from a public key server?
| 
| On one mailing list I belong to, there are a few people who sign their
| messages.
| Typically, the signature is verified from my specified public key server
| with no
| noticable delay; the message is displayed as quickly as messages that
| aren't signed.
| 
| This morning, apparently the public key server I use was down. As a
| result, when
| I tried to display a signed message, it took a *very* long time to
| display; I
| didn't time it, but it seemed to be 10-15 minutes. I'm assuming  this was
| because the key server was unavailable. Eventually, the message was
| displayed
| with the note that the key wasn't available.
| 
| Based on past performance, I could probably set the timeout to 10 seconds
| and
| still get good results, but I don't know how to set the value (if it can
| even be
| done).

It can't.  PHP does not support socket timeouts that work correctly across 
ALL platforms so I haven't even attempted to implement that.  Additionally, 
this would require both compilation of an additional module into PHP for 
use with Horde (the sockets module) which at this time is marked 
as "experimental"... not exactly something you want to be using in a 
production environment.

(And before anyone says anything, the PEAR Sockets library does _not_ 
implement timeouts correctly at the kernel level so that is not a potential 
solution).

Additionally, there is no timeout option to the gnupg binary either.

If anyone has a solution, I would love to hear it.  Until that time you can 
either choose a different keyserver (I have found search.keyserver.net 
seems to work better than wwwkeys.pgp.net).

michael

______________________________________________
Michael Slusarz [slusarz at bigworm.colorado.edu]
The University of Colorado at Boulder


More information about the imp mailing list