On Sun, 23 Apr 2017 11:09, enr...@debian.org said:

> Technically it sounds like the right thing. I had no idea I could get
> hints with --verbose, though, so I wouldn't have seen it.

Isn't it the first thing with Unix tools to add -v when you wonder what
is going on ;-).

> Could gpg tell dirmngr/gpg-agent to kill themselves the next time they
> are idle and not servicing anyone? I imagine that would do the restart

Well, correct installation of a software update is the task of the
sysadmin or the distribution.  This is the same as an update of libc or
other libraries; something(tm) must happen to restart all processes
using an updated library.

We print the notice only to help in debugging for those who build the
software on their own and forget a task.

> cosmetic thing, or could there be a malfunction, like an ABI mismatch,
> or an attack vector, like a security issue having been fixed in the new
> server version, and needing a restart to take effect?

Most things keep on working even with an older version.  We try to
make sure not to break things.  However, you won't have access to bug
fixes and new features.  People sometimes wonder why they didn't notice
a change after updating to a new gpg version and continue to complain -
that is why we have this warning.  Make the life easier for the
maintainers.

> If it's just cosmetic, I'd suggest to move the warning to --verbose
> hints as well. If there is a danger, I'd like the danger to be spelled
> out clearly, like:
>
>   gpg: WARNING: server 'dirmngr' is older than us (2.1.17 < 2.1.18). Run with --verbose for details.
>   gpg: further info: Outdated servers may lack important security fixes.
>   gpg: further info: A restart can be forced using "gpgconf --kill all"

Hmmm.  Can you file a report to bugs.gnupg.org ?


Salam-Shalom,

   Werner


-- 
Thoughts are free.  Exceptions are regulated by a federal law.
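
For the post-update restart discussed in this message, a sysadmin-side check that compares the running gpg-agent and dirmngr versions with the installed gpg. This is an added example, not part of the original mail and not GnuPG code; the function names are hypothetical, and it assumes gpg-connect-agent's `--no-autostart` option and the `getinfo version` command.

```shell
#!/bin/sh
# Added example: report gpg-agent/dirmngr processes older than the installed gpg.
# Function names are illustrative, not part of GnuPG.

# version_lt A B: succeed when dotted version A is strictly older than B.
version_lt() {
    [ "$1" != "$2" ] &&
    [ "$(printf '%s\n%s\n' "$1" "$2" |
         sort -t. -k1,1n -k2,2n -k3,3n | head -n1)" = "$1" ]
}

# installed_version: read `gpg --version` on stdin, print the version number.
installed_version() {
    sed -n '1s/^gpg ([^)]*) \([0-9][0-9.]*\).*/\1/p'
}

# daemon_version: read a `getinfo version` reply ("D <version>", then "OK").
daemon_version() {
    sed -n 's/^D \([0-9][0-9.]*\).*/\1/p' | head -n1
}

# classify DAEMON_VERSION INSTALLED_VERSION: print stale, current or unknown
# (unknown: a version is missing, e.g. the daemon is not running).
classify() {
    if [ -z "$1" ] || [ -z "$2" ]; then echo unknown
    elif version_lt "$1" "$2"; then echo stale
    else echo current
    fi
}

# check_daemons: query the live daemons without starting new ones.
check_daemons() {
    want=$(gpg --version | installed_version)
    agent=$(gpg-connect-agent --no-autostart 'getinfo version' /bye 2>/dev/null | daemon_version)
    dirm=$(gpg-connect-agent --no-autostart --dirmngr 'getinfo version' /bye 2>/dev/null | daemon_version)
    echo "gpg $want: gpg-agent ${agent:-none} ($(classify "$agent" "$want")), dirmngr ${dirm:-none} ($(classify "$dirm" "$want"))"
    case "$(classify "$agent" "$want") $(classify "$dirm" "$want")" in
        *stale*) echo 'stale daemon found; restart with: gpgconf --kill all'; return 1 ;;
    esac
}

# Run the live check only when asked: sh check-gpg-daemons.sh --check
if [ "${1:-}" = "--check" ]; then check_daemons; fi
```

The check runs per user, because each user has their own gpg-agent and dirmngr.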
