gpg --refresh with large keyrings and hkps in 2.1.1

Guilhem Moulin guilhem at
Mon Apr 20 14:03:44 CEST 2015

On Mon, 20 Apr 2015 at 11:34:10 +0200, Werner Koch wrote:
> On Mon, 20 Apr 2015 11:17, guilhem at said:
>> Doesn't gpg use a single connection for the whole --refresh-keys?  AFIK
>> the 10min windows (‘MaxCircuitDirtiness’ in the torrc) is only relevant
>> for new connections; I doubt tor client kills existing TCP connections
> At the gpg (or better openpgp) summit last weekend we talked about this
> and came up with the idea to add a --use-tor option to make it easier to
> use TOR.

That would be awesome!  Please beware DNS leaks, though.  Also, do you
plan to restore SOCKSv5 proxying (via --http-proxy and libcurl)?  With
1.4 and 2.0 it's very convenient for fine-grained Tor circuit uses
(E.g., with libcurl's ‘socks5h://’ and a custom username:password.)

> I will work on these things with a higher priority.

Many thanks :-)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: </pipermail/attachments/20150420/0f793335/attachment.sig>

More information about the Gnupg-devel mailing list