[Gpg4win-users-en] How do I prevent dirmngr.exe from starting up and running in the background?
aheinecke at intevation.de
Thu Sep 4 11:16:40 CEST 2014
On Thursday, September 04, 2014 12:30:42 AM Chris Marlow wrote:
> The current stable version, gpg4win-2.2.1, exhibits a rather unsettling
> behavior when installed on a Microsoft Windows OS.
Every installation of gnupg2 does this, not Windows specific. Under Linux
dirmngr also runs as a service with its own user account. Dirmngr is necessary
to handle certificate revocation lists of S/MIME certificates and handles the
trust in the root certificates.
> After installation even when gpg4win is not launched, dirmngr.exe is running
> in the background, consuming some system resources.
Yes it is launched as a system service. You can disable this like any other
service in system settings / management / services. If you do not use S/MIME
or disable CRL checks this might not affect functionality.
> It might even be sending data back to servers controlled by the NSA, GCHQ,
> KGB or German BND.
Dirmngr will of course not send anything unrelated, but it will request CRL's
from your trusted root CA's. This is traffic that can be monitored.
> Could the developers prevent dirmngr.exe from ever running in the background
> when gpg4win is not launched by the user?
Afaik dirmngr is launched as a service and not on demand as it controls the
certificate trust decisions regarding S/MIME, a job traditionally controlled by
the System Administrator and not the user.
I also think that it probably is run in the background so that it can fetch
CRL's in the background so that you don't have to wait until a 5mb CRL is
fetched when you want to sign a mail. But I'm not sure about this as I have
faced some delays while waiting for CRL checks.
Andre Heinecke | ++49-541-335083-262 | http://www.intevation.de/
Intevation GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 18998
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 198 bytes
Desc: This is a digitally signed message part.
More information about the Gpg4win-users-en