[Feature request] send an user agent in hkp request

John Clizbe John at enigmail.net
Mon Feb 4 17:33:15 CET 2013


Fabian Keil wrote:
> David Shaw <dshaw at jabberwocky.com> wrote:
>> On Jan 27, 2013, at 5:33 AM, jbar <jeanjacquesbrucker at gmail.com> wrote:
>>> It should not be a big job, but is could be great to send an HTTP
user-agent within hkp request (to search, receive and send keys from/to a key
keyserver).
>> 
>> Not passing a user-agent is actually intentional behavior. Unlike some
sites which may want to behave differently for different user-agents, you get
the same key blob no matter who (or what) is making the request. Given this,
there is no real reason beyond tracking and statistics gathering to send a
user-agent string, so we don't, as it is really nobody's business what client
you are using.
> 
> An advantage of sending a User-Agent is that it allows the proxy
> to easily differentiate gpg from other clients to route the
> requests differently.

Since all HKP requests are under /pks, I really don't see how an User-Agent
string would help differentiate them. Also the default port for HKP traffic is
11371, that alone should be enough for a proxy at the client end.

> For example I do not want my gpg requests to share a Tor circuit
> with my feed reader or web browser and a "User-Agent: GnuPG"
> header would make this easier, IMHO without disclosing too much
> information.

Easier than port 11371? There's only an issue if you're sending HKP traffic on
port 80.

> "Detecting" gpg by looking for requests without a User-Agent header
> only works as long as no other client sends no User-Agent header
> either.

Keyserver requests from gpg are handled no differently than requests from PGP
or any other client. They are easily identified by being on port 11371 and/or
being under /pks.

-- 
John P. Clizbe                      Inet: John (a) Gingerbear DAWT net
SKS/Enigmail/PGP-EKP                  or: John ( @ ) Enigmail DAWT net
FSF Assoc #995 / FSFE Fellow #1797  hkp://keyserver.gingerbear.net  or
     mailto:pgp-public-keys at gingerbear.net?subject=HELP

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 863 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20130204/9ed82287/attachment.pgp>


More information about the Gnupg-devel mailing list