The --use-tor option
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Tue Oct 20 20:11:40 CEST 2015
On Tue 2015-10-20 13:31:58 -0400, malte at wk3.org wrote:
> Quoting Daniel Kahn Gillmor (2015-10-20 16:57:53)
>> On Mon 2015-10-19 10:54:49 -0400, Malte wrote:
>> > On Monday 19 October 2015 15:03 Werner Koch wrote:
>> >
>> >> This is not complete because DNS lookups are leaking. This could be
>> >> fixed […]
>> >
>> > Maybe Kristian Fiskerstrand would be willing to set up an Onion Service for
>> > the SKS-Pool that could be used by default?
>>
>> I don't think this makes much sense -- there are already keyservers that
>> offer hidden services (e.g. qdigse2yzvuglcix.onion), but they are
>> individual keyservers.
>
> Ok. Then let's use that one. My main concern was the DNS resolution
> problem.
Well, that's just one individual keyserver. If you configure that one
and it dies you've gotta change your settings. A pool has the usual
advantages of failover, etc.
Given that hidden services have the name bound to the public key, i'm
not sure how you'd operate a hidden service pool without sharing the
associated secret key among all hosts. Has anyone done any research on
high-availability hidden services?
--dkg
More information about the Gnupg-devel
mailing list