What does Kleopatra want a connection for?

After recently installing GPG4Win 2.0, I tried Kleopatra for the first time and after a few troubles (Had to reinstall, as it didn’t do anythin after the first time.) I got it to run. When playing around with it a bit, though, I was surprised by Kleopatras insistance on connecting to the net for every single action.

At first I figured it was to check block lists and/or get keys from keyservers, but even when only signing something with my own key, Kleopatra tries to connect to the net. (And when blocked from doing so, actions it should be able to do, like signing a file or encrypting it with a key, often fail with some incorrect error message like “wrong passphrase” when it didn’t eve ask for one.)

As somebody who prefers to keep his networked applications on a tight leash, this is … annoying at best and pretty close to a dealbreaker for me, especially after having no such troubles with earlier versions and/or WinPT.

So, why does Kleopatra feel like it needs this connection to the net and why does it fail in this (pretty ridiculous) way when blocked frm doing so?


I just wandered in lost myself. If you don’t mind I’ll give your question a shot. You didn’t say what firewall you had, but wonder if its possibly zonealarm. The new GPG2 files light up zonealarm like a christmas tree anD it is alarming… until you realize that the requests are all for the local machine … ie what should be in the ZA trusted zone. IT IS SAFE TO ALLOW SUCH “SELF” CONNECTIONS, and to allow them permanently.

Attempted conections to the internet are an entirely different matter. If you are getting those, that could be a big problem. I have XP-SP2 and just installed 2.0.0 and I have observed no UNREQUESTED connections to the internet. There are provisions to check the keyservers to validate keys and such, but go through the preferences carefully (config.gpg, kleopatra) and make sure of your settings.

(I run a tight ship too, although it keeps getting harder. I’ve had no problems with unauthorized access by gpg, or gpg4win - and I’ve been a user since before gpg4win was invented)