[imp] PGP/addressbooks/performance questions

alex@milivojevic.org alex at milivojevic.org
Fri Jun 3 10:16:32 PDT 2005


I was testing the latest stable version of Horde/IMP this week, and noticed a couple
of issues (well, at least issues for me) with PGP support.  Seems most of them
are due to the fact that PGP keys are stored in the addressbook.

Is it possible to use a separate addressbook for PGP key storage?  I might not
want addresses from all the keys in my default addressbook (heck, some of them
I don't want in my addressbook, period).

Seems a new entry is created for each identity in a key.  Say there are 5 email
addresses associated with a single key, I get five duplicate entries in the
addressbook for that person, each with complete copy of the key.  This is plain
wrong and confusing, but I understand this is limitation of Turba (which is used
to store keys).  Maybe Turba isn't the best place to store keys, after all.  Has
anybody thought of implementing a specialized backend just for key storage (for
example, storing keys into separate table(s) in SQL database that will have
needed relationships to manage PGP keys correctly -- something that is simply
not possible if turba_objects table is used to store keys)?  Or extending Turba
to allow for multiple email addresses per entry (this also might solve the
problem, but again would force users to have addressbook entries for all keys,
whether they want them or not -- hm, maybe also possibility to have "hidden"
entries?)?

Anyhow, extending Turba so that arbitrary number of email addresses can be
present (with optional description) looks very tempting to me.  For example,
then I could have an entry "Alex Miliv" that contains addresses "alex at home.com"
with description "home" and "alex at work.com" with description "work", and so on.
And no PGP key duplications anymore.  Multiple PGP keys per single entry also
looks like tempting feature ;-).  That would really clean up things for the end
users.  One person, one entry in the addressbook.  The way it should be.

If I attempt to import public key file with more than one public key, all public
keys from the file are stored in all entries!  I found that the hard way.  I
have relatively large public keyring, so I did "gpg -a --export >
filename.asc", hoping that IMP will do the right thing when importing it. 
Well, it did not.  The results are catastrophic.  Each entry in my addressbook
that was created or updated by this import now has a copy of my entire public
keyring in it.  First it took ages for import to finish.  Then it takes ages to
do any operation on the individual key entries.  For example, clicking "detail"
link for the key takes forever to finish (so long I never actually waited for
it to finish).  All I can see is IMP forking gpg processes one after another in
endless loop.  I ended up doing "update turba_objects set object_pgppublickey =
null where owner_id = 'alex';" to get things sane again.  And I still have to
find a way to manually delete all those additional entries from my addressbook
(added by key import) that I don't really want.  Actually, I'm seriously
thinking about dropping entire addressbook and reimporting it again from some
other source.

The list of keys lists each identity associated with the key as separate key
entry.  This is also plain wrong, but again, probably due to Turba's
limitations.

I wouldn't mind typing some code to implement improvements in key management,
provided maintainers see a value in it (although, with my current schedule, it
might take ages (literally) before I have any workable code to contribute :-(
).

----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
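
The import behaviour the message asks for, as an added example (not part of the original post, and not Horde/IMP code): split a multi-key OpenPGP export at each Public-Key packet so every key is stored once, with all of its user IDs attached. It assumes binary packet input (`gpg --export` without `-a`, or an armored file after base64 decoding); the function names and the constructed sample data are hypothetical.

```python
def packets(data):
    """Yield (tag, whole_packet, body) for each packet in an RFC 4880 stream."""
    i = 0
    while i < len(data):
        start, hdr = i, data[i]
        if not hdr & 0x80:
            raise ValueError("bad packet header at offset %d" % i)
        if hdr & 0x40:                      # new-format header
            tag, o1 = hdr & 0x3F, data[i + 1]
            if o1 < 192:
                length, i = o1, i + 2
            elif o1 < 224:
                length, i = ((o1 - 192) << 8) + data[i + 2] + 192, i + 3
            elif o1 == 255:
                length, i = int.from_bytes(data[i + 2:i + 6], "big"), i + 6
            else:
                raise ValueError("partial body lengths not handled")
        else:                               # old-format header
            tag, n = (hdr >> 2) & 0x0F, 1 << (hdr & 3)
            if n == 8:
                raise ValueError("indeterminate length not handled")
            length, i = int.from_bytes(data[i + 1:i + 1 + n], "big"), i + 1 + n
        if i + length > len(data):
            raise ValueError("truncated packet")
        yield tag, data[start:i + length], data[i:i + length]
        i += length

def split_keyring(data):
    """One record per primary key: that key's packets only, plus all its user IDs."""
    keys = []
    for tag, raw, body in packets(data):
        if tag == 6:                        # Public-Key packet opens a new key
            keys.append({"blob": b"", "uids": []})
        elif not keys:
            raise ValueError("stream does not start with a public key")
        keys[-1]["blob"] += raw
        if tag == 13:                       # User ID packet
            keys[-1]["uids"].append(body.decode("utf-8", "replace"))
    return keys

def make_pkt(tag, body):                    # builds constructed sample packets
    return bytes([0x80 | (tag << 2), len(body)]) + body

# Constructed sample: two "keys" with dummy bodies; only headers and user IDs matter here.
SAMPLE = (make_pkt(6, b"key-A") + make_pkt(13, b"Alex <alex@home.example>")
          + make_pkt(2, b"sig") + make_pkt(13, b"Alex <alex@work.example>")
          + make_pkt(6, b"key-B") + make_pkt(13, b"Bob <bob@example.org>")
          + make_pkt(2, b"sig"))
```

Each record's `blob` holds only that key's packets, so a store keyed on the primary key with a separate table of user IDs avoids both the per-address duplicates and the whole-keyring-per-entry copies.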


