On Fri, Apr 21, 2017 at 06:52:20PM +0200, Werner Koch wrote: > > gpg: WARNING: server 'dirmngr' is older than us (2.1.17 < 2.1.18). Run > > 'gpgconf --kill dirmngr' to terminate it. A new instance will be restarted > > as needed. > We already have some hints messages printed in --verbose mode, like: > gpg: further info: Tor is not properly configured > So I would suggest to print > gpg: further info: A restart can be forced using "gpgconf --kill all"
Technically it sounds like the right thing. I had no idea I could get hints with --verbose, though, so I wouldn't have seen it. > > Alternately, it might be nice for gpg to try to effect the restart > > itself (though i worry that could get into a loop, since gpg itself is > Not a good idea in case you have other sessions running or you need the > cache. Could gpg tell dirmngr/gpg-agent to kill themselves the next time they are idle and not servicing anyone? I imagine that would do the restart without being a problem for other sessions running. I don't know about the cache. I also don't know what's the danger in running servers that have an older version than gpg itself: is it just a cosmetic thing, or could there be a malfunction, like an ABI mismatch, or an attack vector, like a security issue having been fixed in the new server version, and needing a restart to take effect? If it's just cosmetic, I'd suggest to move the warning to --verbose hints as well. If there is a danger, I'd like the danger to be spelled out clearly, like: gpg: WARNING: server 'dirmngr' is older than us (2.1.17 < 2.1.18). Run with --verbose for details. gpg: further info: Outdated servers may lack important security fixes. gpg: further info: A restart can be forced using "gpgconf --kill all" Enrico -- GPG key: 4096R/634F4BD1E7AD5568 2009-05-08 Enrico Zini <[email protected]>
signature.asc
Description: PGP signature
