From: Ted Zlatanov <tzz@lifelogs.com>
To: Ivan Shmakov <ivan@siamics.net>
Cc: 19284@debbugs.gnu.org
Subject: bug#19284: 25.0.50; tls.el uses option --insecure
Date: Wed, 30 Dec 2015 09:46:42 -0500 [thread overview]
Message-ID: <8737uk0zal.fsf@lifelogs.com> (raw)
In-Reply-To: <87y4cdvyyr.fsf@violet.siamics.net> (Ivan Shmakov's message of "Tue, 29 Dec 2015 19:25:48 +0000")
On Tue, 29 Dec 2015 19:25:48 +0000 Ivan Shmakov <ivan@siamics.net> wrote:
IS> To note is that Gnus’ nnimap method has its own “tunnel utility”
IS> support, which I use to interface the local IMAP server (below),
IS> and which (I suppose) could be used in place of tls.el.
IS> (nnimap-stream shell)
IS> (nnimap-shell-program "MAIL=maildir:\"$HOME\"/Maildir imapd")
IS> That said, the lack of possibility to use something similar for
IS> non-nnimap connections is not something I’d appreciate.
IS> I’ve sure seen external utility support in other software, too.
IS> Check the OpenSSH client’s ProxyCommand option, for instance.
>> I think the benefit to the rest of the users will be worth it, and
>> that group can have a ELPA package to support them.
IS> As long as the hooks are in place to route the requests via that
IS> package, I have no (strong) objections to the move.
The package itself will install those hooks, I assume.
IS> But given that tls.el is about 300 LoC in total, and hardly
IS> incurs a high maintenance cost, I don’t see much value in the
IS> move, either.
There's a small but consistent amount of time spent checking "are you
using tls.el?" every time we debug a SSL/TLS issue (even if we don't ask
the user explicitly).
There is a user experience difference between relying on external tools
implicitly, which tls.el does, and explicitly, which ProxyCommand does.
Also, tls.el is not granular like ProxyCommand or the `nnimap-stream'
functionality, it applies to all connectivity. I hope that explains my
reasoning better.
Ted
next prev parent reply other threads:[~2015-12-30 14:46 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-12-05 19:43 bug#19284: 25.0.50; tls.el uses option --insecure Jens Lechtenboerger
2015-12-26 21:15 ` Lars Ingebrigtsen
2015-12-26 21:39 ` Andreas Schwab
2015-12-26 21:49 ` Lars Ingebrigtsen
2015-12-27 9:59 ` Andreas Schwab
2015-12-28 22:04 ` Ted Zlatanov
2015-12-29 13:29 ` Lars Ingebrigtsen
2015-12-29 19:25 ` Ivan Shmakov
2015-12-30 14:46 ` Ted Zlatanov [this message]
2015-12-30 15:57 ` Ivan Shmakov
2015-12-30 16:38 ` Ted Zlatanov
2015-12-30 18:22 ` Lars Magne Ingebrigtsen
2015-12-31 16:00 ` Ted Zlatanov
2015-12-31 18:32 ` Ivan Shmakov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/emacs/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=8737uk0zal.fsf@lifelogs.com \
--to=tzz@lifelogs.com \
--cc=19284@debbugs.gnu.org \
--cc=ivan@siamics.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).