Werner Koch <wk@gnupg.org> writes: > On Wed, 23 Nov 2016 18:19, dkg@fifthhorseman.net said: > >> 0) turn off CRL updates entirely during s/mime signature verification > > The gpgsm option is --disable-crl-checks. > >> 1) do s/mime signature verification without CRL updates, but schedule >> CRL checks to happen in the background for dirmngr, so that future >> verifications will reflect the cert validity A notmuch user reported on IRC that adding disable-crl-checks to ~/.gnupg/dirmngr.conf eliminated the long pauses when verifying s/mime signatures. This will prevent the user from noticing Certificate revokations, so it's not without cost in security, but perhaps it's temporary workaround until we figure out some better solution. d