On Mon, Apr 24, 2006 at 10:09:53PM +0400, George Hazan wrote:
Hello, Michal!
Mon, 24 Apr 2006 17:17:47 +0200 you wrote:
Even on a PIV/2800 with 1GB RAM it takes about 200-300 msec to
launch
the gnupg.exe and process its result.
MvV>>> Than the system (windows) should be rewritten, not the
program.
If the antivirus usage is a corporate policy, you can't change
anything.
And that AV checks every starting program, agree?
MvV> Then the problem still is not in the exe, right?
Surely it is. From almost all points of view calling EXE only
causes a lot
of absolutely useless activity: you should initialize all
keyrings, verify
users, signatures etc. every time you run a program, instead of
the single
context creation, which can work then for hours.
Well, if I know, it verifies only the needed ones, not all, and
when it
uses the key.
And, anyway, I think the time to load is not caused by the EXE, but by
the antivirus you speak about. And the encryption itself is much more
time consuming than the loading, at last without the antivirus you
speak
about.
MvV> You guess, it obeys one of the unix rules - one task = one
program.
Fortunately not all program authors follow this rule even under
unix :)
That's why we have zlib, libssl, libpng, etc.
But they do not do anything, they are tool. This one does. And
could you
imagine, what would happen, if you started up this library, loaded the
keys and let it running. Then you just marked a key as untrusted. What
would happen? It would make some kind of data corrupt, or in the best
case, would take the key still as trusted.
MvV> I do not thing the authors will want to disobey this rule
because of
MvV> your, not too well acting, system.
Neither me nor my users don't use unices. I have to find the
solution for
that concrete situation, and I just asked for some help... If
there would
be another free library which can help me to encrypt messages,
I'll be glad
to use it, but right now I've found only GNUPG.
MvV> By the way, there is something like PGP, which I think
provides a lib.
Yes, but PGP Desktop (which includes a very useful DLL) is the
commercial
software. It would be quite strange to force users to pay money to
be able
to use a freeware, right?
Well, I already have seen this somewhere, I do not remember what
client
id did.
You can have one preloaded instance of gpg running, after use, in the
background, preload another (it would be fast enought), or encrypt on
background, while user is typping and send after the, quite small
delay,
but letting him write the new one.
By the way, I somehow managed to get into some internal shell of it,
maybe it supports encrypting messages and not turning it off, but I do
not know for sure and I do not remember the switch.
Anyway, GPG was designed to run under UNIX systems, where launching a
binary is really fast (it has to be, since many good application use
external programs for different actions, which menas
configurability and
not duplexing of code) and then it was ported to windows. Windows
is not
the main target platform for this, as I guess. (It is used from
commandline, for example, which is quite a problem there)
--
NAT should extinkt like dinosaurs did.
Michal "vorner" Vaner
