Feature #7416

Have GnuPG directly use the Tor SOCKS port

Added by intrigeri 2014-06-16 13:11:04 . Updated 2014-12-03 19:42:54 .

Status:
Resolved
Priority:
Normal
Assignee:
Category:
Target version:
Tails_1.2.1
Start date:
2014-06-16
Due date:
% Done:

100%

Feature Branch:
feature/7416-gnupg-socks
Type of work:
Code
Blueprint:

Starter:
0
Affected tool:
Deliverable for:

Description

As of Tails 1.0.1, we configure GnuPG to go through Polipo. According to https://trac.torproject.org/projects/tor/ticket/2846, with curl >= 7.21.7 (that is part of Wheezy), GnuPG can talk directly to the Tor SOCKS port. We should do that, to remove yet another reason to ship a HTTP proxy, and to simplify things a bit.

According to the same Tor ticket, the no-try-dns-srv keyserver option may be needed to avoid “DNS leaks”, that is, in Tails, inconsistencies in circuit isolation.

Note that we will have to tell users with persistence enabled, in release notes, that they should edit their ~/.gnupg/gpg.conf accordingly.

Subtasks

Related issues

Blocked by Tails - Feature #6015: Tails based on Wheezy Resolved 2013-07-28
Blocked by Tails - Feature #7512: Make GnuPG configuration closer to the duraconf one Resolved 2014-07-07

History

#1 Updated by intrigeri 2014-06-16 13:11:39

  • Target version set to Hardening_M1

Flagging for 3.0, for consistency with the parent ticket.

#2 Updated by intrigeri 2014-06-16 13:12:20

#3 Updated by intrigeri 2014-06-16 13:15:41

  • Description updated

#4 Updated by intrigeri 2014-08-02 13:55:58

  • blocked by Feature #7512: Make GnuPG configuration closer to the duraconf one added

#5 Updated by intrigeri 2014-11-02 00:24:02

  • Subject changed from Have GnuPG use the Tor SOCKS port directly to Have GnuPG directly use the Tor SOCKS port

#6 Updated by intrigeri 2014-11-02 15:07:09

  • Status changed from Confirmed to In Progress
  • Assignee set to intrigeri
  • % Done changed from 0 to 10
  • Feature Branch set to feature/7416-gnupg-socks

#7 Updated by intrigeri 2014-11-02 15:30:29

  • Assignee deleted (intrigeri)
  • Target version changed from Hardening_M1 to Tails_1.3
  • % Done changed from 10 to 50
  • QA Check set to Ready for QA

#8 Updated by intrigeri 2014-11-02 15:32:45

  • Target version changed from Tails_1.3 to Tails_1.2.1

#9 Updated by anonym 2014-11-05 17:24:58

  • Status changed from In Progress to Fix committed
  • % Done changed from 50 to 100
  • QA Check changed from Ready for QA to Pass

#10 Updated by BitingBird 2014-12-03 19:42:54

  • Status changed from Fix committed to Resolved