[Pkg-privacy-maintainers] Bug#836266: Bug#836266: dirmngr: Please disable "use-tor" by default.

intrigeri intrigeri at debian.org
Tue Dec 6 15:34:26 UTC 2016

Dear users and fellow maintainers,

I am very much in doubt about what to do with this bug report.

Ideally, I think that parcimonie would start its own dirmngr instance,
fork the configuration of the default instance, and enable use-tor in
its own copy. I guess that's doable, but I am not convinced it's worth
the effort.

Let me make my case in favour of not changing anything. Given the
purpose of parcimonie, in the use cases I can think of, it makes lots
of sense that key fetches done outside of parcimonie go through Tor as
well. Moreover, one may see the current behaviour (forcing use-tor
into dirmngr.conf) as a fail-safe mechanism that makes running e.g.
"gpg --refresh-keys" slightly less harmful (in the threat model
parcimonie is concerned about) than if it were done without using Tor.
IIRC some OpenPGP GUIs (Seahorse, Enigmail) make it really easy to
trigger such an operation, possibly without realizing the
consequences. So it may be argued that the current behaviour is the
best parcimonie can provide to those who feel the need to install it:
one may argue that it does the right thing, even if that does not
match the most advanced users' expectations.

Now, I have to admit that the currently resulting UX is sometimes
painful. In the past few months I often had to ask dirmngr to forget
that it thought my configured keyserver was down, otherwise it would
simply not even try, although my network connectivity + Tor client
were up again. But I did not notice any such problem recently, which
makes my life easier again. I suspect that dirmngr was recently
improved in this respect.

Thoughts, opinions, user experience feedback and patches are
welcome :)

> However it's just been resolved by an upgrade of gnupg/dirmngr to the
> latest version in sid, 2.1.16-2.

I concur: current dirmngr works just fine (again) for me.

> I believe the fix to use-tor issues was added in 2.1.15-9 by using adns
> for better DNS resolution.

Note that the adns support was then reverted in 2.1.16-2, "due to lack
of security support (Closes: #845078)".


More information about the Pkg-privacy-maintainers mailing list