[PATCH] doc: clarify dirmngr use-tor documentation
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Fri May 3 16:50:01 CEST 2019
On Fri 2019-05-03 16:18:21 +0200, Werner Koch wrote:
> On Fri, 19 Apr 2019 10:21, dkg at fifthhorseman.net said:
>
>> reloading dirmngr wouldn't allow me to clear --use-tor. Does that
>> mean i just need to restart dirmngr to clear --use-tor, instead of
>> reloading? Is that a deliberate design decision, or an accident of
>> implementation? If it's deliberate, what do i (as a user) gain from
>
> Right. You need to restart dirmngr and it is not sufficient to SIGHUP
> it. This is to make it extra hard to bypass Tor if it has been used
> before in this session.
Thanks for thinking about this!
This isn't "extra hard" though -- it just means "gpgconf --kill dirmngr"
instead of "gpgconf --reload dirmngr", right? (or SIGTERM instead of
SIGHUP)
Is this marginal increase in "hardness" worth the additional confusion
and complexity in configuration?
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20190503/b0bd4083/attachment-0001.sig>
More information about the Gnupg-devel
mailing list