[Popcon-developers] Drop atime and ctime for privacy reasons possible?
Bill Allombert
Bill.Allombert at math.u-bordeaux1.fr
Sun Oct 28 18:01:48 UTC 2012
On Sun, Oct 28, 2012 at 04:50:54PM +0000, adrelanos wrote:
> Bill Allombert:
> > On Sun, Oct 28, 2012 at 04:25:23PM +0000, adrelanos wrote:
> >> Bill Allombert:
> >>> On Sat, Oct 27, 2012 at 11:48:45PM +0000, adrelanos wrote:
> >>>> Bill Allombert:
> >>>>> On Sat, Oct 27, 2012 at 09:55:22AM +0000, adrelanos wrote:
> >>>>>> Paul Wise:
> >>>>>>> On Fri, Oct 26, 2012 at 6:37 PM, adrelanos wrote:
> >>>>>>>
> >>>>>>>> for privacy reasons.
> >>>>>>>
> >>>>>>> In addition, it would be great to see popcon.d.o switch
> >>>>>>> to SSL to
> >>>> add privacy.
> >>>>>
> >>>>> I would rather use gpg.
> >>>>
> >>>> gpg is fine.
> >>>
> >>> Could you do some benchmark ? - Generate a popcon report on a
> >>> system with a large number of packages
> >> installed,
> >>> - Encrypt it with gpg --armor with some public key. - Then
> >>> decrypt it 1000 times with the matching private key. - Compute
> >>> time. - Retry with a different keylength or algorithm.
> >>>
> >>> Cheers,
> >>
> >> ~100 KiB popcon file encrypted with 4096/4096 gpg key.
> >
> > What does mean 4096/4096 ? RSA 4096 ? What symmetric encryption
> > scheme is used?
>
> RSA 4096 asymmetric encryption.
Thanks. What is the underlying symmetric encryption ?
(RSA is used to encrypt a symmetric key used to encrypt the message.
The decryption time depend on the symmetric algorithm. Normally it is
some variant of AES. This can influence the running time.)
I read your script and you do not use ASCII armoring. Could you retry with
using ASCII armoring ? I would prefer to avoid binary transmission in
popcon protocol, but it might have a performance penalty.
Cheers,
Bill.
More information about the Popcon-developers
mailing list