I finally decided that I wanted PGP for my e-mail again… I had been using Thunderbird for my e-mail back when I was on a PC+Linux but, for reasons of my own, I decided that I would try and stick it out with OSX’s Mail.app…
Google’ing led me to a post by Hanno Kaiser on the “Law & Society” Weblog.
I was able to follow those directions pretty much verbatim up until it said that Mail.app would give me an error… it never did… so I just went along merrily… Mail.app told me I didn’t have a key, so I closed it down, and launched the GPG Keychain Access app, generated myself a 4096 bit key (which took a surprisingly long time; I would have thought that it’d frozen).
As a matter of fact I *DID* think that it was frozen, and I killed it. After I went back into the keychain access utility and saw one half of the 4096 bit keys made I realized that it just was going to take an ASS long time. As a self-proof-of-concept I made first a 1024 bit, and then a 2049 bit key… when both completed appropriately I decided to go for the throat and make the “holy grail” of gpg keys (at least the one with the biggest damn number of bits).
So, if you were paying attention you realize that I already had 2 functional keys… why waste my time on making the “makes your MacMini so slow you can tap in morse code faster than it can now accept keyboard inputs” (yeah I had lots of other apps going, don’t bother flaming me) key? *BECAUSE I CAN* and *BECAUSE I WANT ONE*… I mean, hell, like you don’t buy hardware upgrades to give yourself the gratification of having better numbers on paper…
Anyhow… over 2 hours later I’m back to the same conclusion… creating a 4096 bit DSA key with this setup is not possible… ahh well… 2048 bit here I come…
Just goes to show… there’s always room for improvement.
DK
I believe the problem here is that GPG reads from /dev/random in order to create a key. The kernel is smart enough to block that if it hasn't accumulated enough "entropy" (random environment noise) to output truly random bits. So your program sits there waiting to read from /dev/random. I've encountered that issue before; certainly in Linux, and I think I remember it being an issue in OSX. Anyway, the cure was to wiggle the mouse and hit random keys and otherwise give the machine some randomness.