The --use-tor option

Donncha O'Cearbhaill donncha at donncha.is
Fri Oct 23 00:36:47 CEST 2015


Kristian Fiskerstrand:
> On 10/21/2015 12:02 PM, Kristian Fiskerstrand wrote:
>> On 10/20/2015 07:44 PM, Jacob Appelbaum wrote:
>>> On 10/20/15, Daniel Kahn Gillmor <dkg at fifthhorseman.net> wrote:
>>>> On Mon 2015-10-19 10:54:49 -0400, Malte wrote:
>>>>> On Monday 19 October 2015 15:03 Werner Koch wrote:
>>>>>
> 
> ...
> 
> 
>>> It would be possible to use OnionBalance here - someone can run a
>>>  popular .onion and add all of the SKS servers with .onions into 
>>> that instance of Onion balance. Thus - a single .onion name can 
>>> redirect entirely within Tor to every individual SKS server that 
>>> has a .onion name/Hidden Service.
> 
> 
>> Thanks for this pointer, I'm not too familiar with it (and frankly
>> Tor in general) and busy with real life atm, but will try to read
>> up a bit and see if it is something that can be of interest later
>> this week
> 
> 
> 
> Ok, I've started doing some preliminary work on this, and added a
> manual listing of onion addresses. Tor information is as such included
> in the keyserver status listings[0] and in meta pages[1]. In the
> process my own SKS cluster is now Tor enabled.
> 
> Will look into actually setting up the pool using OnionBalance another
> day (need to set up a Gentoo package for it etc), but at least the
> framework is in place for the information.
> 
> References:
> [0] https://sks-keyservers.net/status/
> [1] https://sks-keyservers.net/status/info/keys2.kfwebs.net

I'm the developer of the OnionBalance tool. Please let me know if there
is anything I can do to help the GnuPG project with setting up a onion
service SKS pool.

Tor clients will automatically fail over and try other SKS servers
servers if the fail to connect to one of the servers in the pool. It's
also straightforward for the pool operator to swap out onion services
from the pool if they are misbehaving or offline.

Kind Regards,
Donncha

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 630 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20151022/a8c5f24d/attachment.sig>


More information about the Gnupg-devel mailing list