Re: [tor-bugs] #2846 [Archived/general]: Patch GPG to support SOCKS proxies
#2846: Patch GPG to support SOCKS proxies
------------------------------+---------------------------
Reporter: rransom | Owner: mikeperry
Type: defect | Status: reopened
Priority: Medium | Milestone:
Component: Archived/general | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
------------------------------+---------------------------
Comment (by cypherpunks):
The GnuPG 2.1 branch uses `dirmngr` for key server communication.
According to [https://www.gnupg.org/documentation/manuals/gnupg/Dirmngr-Options.html its documentation]
it supports the `use-tor` option. To quote the documentation:
> This option switches Dirmngr and thus GnuPG into "Tor mode" to route all
> network access via Tor (an anonymity network). WARNING: As of now this
> still leaks the DNS queries; e.g. to lookup the hosts in a keyserver pool.
> Certain other features are disabled if this mode is active.
The DNS leaks are probably caused by the dependence on SRV records to make
these pools work and Tor not supporting these types of resource records.
For key server pools people can visit the
[https://sks-keyservers.net/overview-of-pools.php SKS keyservers pool page].
This page also mentions a
[https://sks-keyservers.net/overview-of-pools.php#pool_tor hidden service].
Using the hidden service bypasses the dependence on SRV records,
so someone would expect no DNS leaks. I've tested this solution by adding
{{{
keyserver hkp://jirk5u4osbsr34t5.onion
use-tor
}}}
to my `~/.gnupg/dirmngr.conf` file. The subsequent packet capture showed
no DNS leaks during execution of `gnupg --search` and `gnupg --refresh-keys`.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2846#comment:51>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs
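
The packet-capture check described in the comment above can be automated. The following is an added example, not part of the original comment or of GnuPG or Tor: it reads a capture in the classic libpcap file format and lists every packet sent to port 53 on a non-loopback address. It assumes an Ethernet capture and inspects IPv4 only; the function names and the sample frames are constructed for illustration.

```python
import ipaddress
import struct

def find_dns_packets(pcap):
    """Return (dst_ip, proto) for each IPv4 packet to port 53 on a non-loopback host."""
    end = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if end is None or len(pcap) < 24:
        raise ValueError("not a classic pcap file")
    if struct.unpack(end + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet (linktype 1) captures are handled")
    hits, off = [], 24
    while off + 16 <= len(pcap):
        # Per-packet header: ts_sec, ts_usec, incl_len, orig_len
        incl_len = struct.unpack(end + "I", pcap[off + 8:off + 12])[0]
        frame = pcap[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue  # truncated frame or not IPv4 (IPv6 is not inspected)
        ip = frame[14:]
        ihl = (ip[0] & 0x0F) * 4
        proto = {6: "tcp", 17: "udp"}.get(ip[9])
        fragment_offset = struct.unpack(">H", ip[6:8])[0] & 0x1FFF
        if proto is None or fragment_offset or len(ip) < ihl + 4:
            continue  # no TCP/UDP header to read the ports from
        dst = ipaddress.ip_address(ip[16:20])
        dport = struct.unpack(">H", ip[ihl + 2:ihl + 4])[0]
        if dport == 53 and not dst.is_loopback:
            hits.append((str(dst), proto))
    return hits

def _frame(dst_ip, proto, dport):
    """Constructed Ethernet/IPv4 frame with a minimal 20-byte L4 header."""
    l4 = struct.pack(">HH", 40000, dport) + b"\x00" * 16
    ip = struct.pack(">BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                     ipaddress.ip_address("192.0.2.10").packed,
                     ipaddress.ip_address(dst_ip).packed)
    return b"\x00" * 12 + b"\x08\x00" + ip + l4

def build_pcap(frames):
    """Wrap constructed frames in a little-endian classic pcap container."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

# Constructed samples (documentation addresses): Tor relay traffic only,
# and the same capture with one plain UDP DNS query added.
CLEAN = build_pcap([_frame("198.51.100.7", 6, 9001)])
LEAKY = build_pcap([_frame("198.51.100.7", 6, 9001), _frame("203.0.113.53", 17, 53)])
```

An empty list means no IPv4 DNS traffic left the captured interface during the capture window; it says nothing about IPv6 or about interfaces that were not captured.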