The --use-tor option

Jacob Appelbaum jacob at
Tue Oct 20 19:44:04 CEST 2015

On 10/20/15, Daniel Kahn Gillmor <dkg at> wrote:
> On Mon 2015-10-19 10:54:49 -0400, Malte wrote:
>> On Monday 19 October 2015 15:03 Werner Koch wrote:
>>> This is not complete because DNS lookups are leaking.  This could be
>>> fixed […]
>> Maybe Kristian Fiskerstrand would be willing to set up an Onion Service
>> for
>> the SKS-Pool that could be used by default?
> I don't think this makes much sense -- there are already keyservers that
> offer hidden services (e.g. qdigse2yzvuglcix.onion), but they are
> individual keyservers.
> providing a .onion frontend to the pool would be something very
> different.  how would it work?  would it just proxy connections to other
> members of the pool?  if so, it's basically acting as a tor exit node,
> but a very specialized one.  is this a good idea?

It would be possible to use OnionBalance here - someone can run a
popular .onion and add all of the SKS servers with .onions into that
instance of Onion balance. Thus - a single .onion name can redirect
entirely within Tor to every individual SKS server that has a .onion
name/Hidden Service.

> or are you imagining it would do something different?

It would be great if we shipped some .onion SKS servers that work with
Tor by default - not so different than shipping the SKS server pool by

All the best,

More information about the Gnupg-devel mailing list