From bb0c4bf316a917be13d1e0f1cd0cdea36de7e342 Mon Sep 17 00:00:00 2001
From: Seth Schoen <schoen@eff.org>
Date: Wed, 18 Jul 2012 17:08:35 -0700
Subject: [PATCH] notes on future blacklist import speedups

---
 server-ca/blacklisting/import-openssl-blacklist.py | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/server-ca/blacklisting/import-openssl-blacklist.py b/server-ca/blacklisting/import-openssl-blacklist.py
index db9e45027..efd299f9e 100644
--- a/server-ca/blacklisting/import-openssl-blacklist.py
+++ b/server-ca/blacklisting/import-openssl-blacklist.py
@@ -2,14 +2,21 @@
 
 # This imports a Debian OpenSSL modulus blacklist file into the
 # Redis set "debian_moduli".  Specify one or more files on the
-# command line to import them.  Importing will require a little
-# under a minute per file.
+# command line to import them.  Importing will require somewhere
+# around a minute per file.
 
 # E.g.,
 # python import-openssl-blacklist.py /usr/share/openssl-blacklist/blacklist.*
 # will import everything (including 1024 and 512 bit moduli, which might be
 # rejected for other reasons).
 
+# It would probably be a lot faster to make this use
+# http://redis.io/topics/mass-insert
+# instead of the Python redis library, or, indeed, to simply use
+# grep -hv '#' /usr/share/openssl-blacklist/blacklist.RSA-* | sed 's/^/sadd debian_moduli /' | redis-cli --pipe
+# but this requires redis-cli 2.4, and our test systems all have only
+# redis-cli 2.2.12.
+
 import sys, redis
 
 r = redis.Redis()