The --use-tor option
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Tue Oct 20 20:11:40 CEST 2015
On Tue 2015-10-20 13:31:58 -0400, malte at wk3.org wrote:
> Quoting Daniel Kahn Gillmor (2015-10-20 16:57:53)
>> On Mon 2015-10-19 10:54:49 -0400, Malte wrote:
>> > On Monday 19 October 2015 15:03 Werner Koch wrote:
>> >> This is not complete because DNS lookups are leaking. This could be
>> >> fixed […]
>> > Maybe Kristian Fiskerstrand would be willing to set up an Onion Service for
>> > the SKS-Pool that could be used by default?
>> I don't think this makes much sense -- there are already keyservers that
>> offer hidden services (e.g. qdigse2yzvuglcix.onion), but they are
>> individual keyservers.
> Ok. Then let's use that one. My main concern was the DNS resolution
Well, that's just one individual keyserver. If you configure that one
and it dies you've gotta change your settings. A pool has the usual
advantages of failover, etc.
Given that hidden services have the name bound to the public key, i'm
not sure how you'd operate a hidden service pool without sharing the
associated secret key among all hosts. Has anyone done any research on
high-availability hidden services?
More information about the Gnupg-devel