I have weak-digest SHA1 in gpg.conf, but it seems to have a significant performance cost. With --weak-digest SHA1, i see:
0 dkg@alice:~/.gnupg$ time gpg --check-trustdb gpg: marginals needed: 3 completes needed: 1 trust model: pgp gpg: Note: signatures using the SHA1 algorithm are rejected gpg: Note: signatures using the MD5 algorithm are rejected gpg: depth: 0 valid: 4 signed: 17 trust: 0-, 0q, 0n, 0m, 0f, 4u gpg: depth: 1 valid: 17 signed: 116 trust: 17-, 0q, 0n, 0m, 0f, 0u gpg: next trustdb check due at 2020-02-01 real 4m36.953s user 1m45.679s sys 2m50.833s 0 dkg@alice:~/.gnupg$
without this entry, i see:
0 dkg@alice:~/.gnupg$ time gpg --check-trustdb gpg: marginals needed: 3 completes needed: 1 trust model: pgp gpg: Note: signatures using the MD5 algorithm are rejected gpg: depth: 0 valid: 4 signed: 3 trust: 0-, 0q, 0n, 0m, 0f, 4u gpg: depth: 1 valid: 3 signed: 120 trust: 3-, 0q, 0n, 0m, 0f, 0u gpg: next trustdb check due at 2020-01-30 real 0m53.880s user 0m32.498s sys 0m21.142s 0 dkg@alice:~/.gnupg$
(this is the same keyring, a keyring with 2306 keys, but *no* 1024-bit DSA keys at all)
I would have expected a speedup, not a slowdown, for having SHA-1 disabled. rejection of a signature because it uses the wrong digest algorithm ought to be cheaper than doing the math to calculate the signature.
Even if it wasn't cheaper, given the changes in 2.2.18 rejecting SHA-1 certifications, i would have expected the difference in performance to be minimal.