On Wed, 19 Aug 2009 11:37, lis...@story-games.at said:

> I've recently switched over (by way of gpg4win) to GPG 2.0.12 and
> there's one thing I'm wondering: When I start gpg, my firewall asks me
> if I want to allow gpg-agent to connect to the network. Being one of

That is one of these stupid firewalls, not expecting local TCP connections (a connection to 127.0.0.1). The Kleopatra keymanager even has a test for this and shows an appropriate notice.

Connecting to the local host is fine, it is nothing else than a simple inter process connection (IPC). Put the address 127.0.0.1 into the whitelist of your firewall.

Background: Under Windows we don't have Unix Domain sockets. However, we use them in GnuPG for IPC and thus need a way to emulate them on Windows. Given that we use the sockets semantics it is natural that we use a local TCP connection. Actually this method is the only one which easily allows restricting a server to accept connections only from the local host: The server only listens on 127.0.0.1 and thus is not reachable from the outside. The filename as used with Unix domain sockets is here a real file containing the port the server is listening to and a nonce so that only processes able to open the file are allowed to connect to the server.

Salam-Shalom,

   Werner

--
Thoughts are free. Exceptions are regulated by a federal law.
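
The emulation described in the message above, as an added sketch that is not part of the original e-mail and is not GnuPG's code. The file layout (ASCII port, newline, raw nonce), the 16-byte nonce length, the file name `S.demo` and all function names are assumptions made for this example.

```python
import hmac, os, secrets, socket, tempfile, threading

NONCE_LEN = 16  # assumed nonce size for this sketch

def start_server(path):
    # Listen on loopback only, so the port is not reachable from other hosts.
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))          # port 0: the OS picks a free port
    srv.listen(1)
    nonce = secrets.token_bytes(NONCE_LEN)
    # The "socket file": O_EXCL refuses a pre-planted file, 0o600 limits
    # readers to the owning user (on Windows this would need an ACL instead).
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "wb") as f:
        f.write(str(srv.getsockname()[1]).encode() + b"\n" + nonce)
    return srv, nonce

def serve_once(srv, nonce):
    # Accept one client and answer only if it presents the nonce from the file.
    conn, _ = srv.accept()
    with conn:
        got = conn.recv(NONCE_LEN, socket.MSG_WAITALL)
        if hmac.compare_digest(got, nonce):   # constant-time comparison
            conn.sendall(b"OK\n")
        # Wrong or short nonce: close without a reply.

def connect(path, nonce_override=None):
    # A client must be able to open the file to learn both port and nonce.
    with open(path, "rb") as f:
        port_line, nonce = f.read().split(b"\n", 1)
    with socket.create_connection(("127.0.0.1", int(port_line))) as c:
        c.sendall(nonce_override or nonce)
        return c.recv(16)

def demo():
    # One client that read the file, one that only guessed the port.
    path = os.path.join(tempfile.mkdtemp(), "S.demo")
    srv, nonce = start_server(path)
    results = []
    for override in (None, b"\x00" * NONCE_LEN):   # constructed bad nonce
        t = threading.Thread(target=serve_once, args=(srv, nonce))
        t.start()
        results.append(connect(path, override))
        t.join()
    srv.close()
    return results

if __name__ == "__main__":
    print(demo())
```

The second client reaches the loopback port but gets no reply, which is why access to the server reduces to read access on the file.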