From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: Christoph Scholtes <cschol2112@googlemail.com>
Newsgroups: gmane.emacs.devel
Subject: Re: bug#10612: GnuTLS bundled with the windows Emacs binaries
Date: Sun, 29 Jan 2012 10:08:47 -0700
Message-ID: <4F257D1F.5050105@gmail.com>
References: <84boromyob.fsf@tum.de> <m3lipk5scv.fsf@stories.gnus.org>
	<84ipknew07.fsf@tum.de> <87ipjzs512.fsf@gnus.org>
	<87wr8e8o58.fsf_-_@lifelogs.com> <4F256D1E.4070902@gmail.com>
	<CAAeL0SRz0qWZKEW4y05Kp1V2swDSY1HkwQ_XjQWV5GHPaYnMfQ@mail.gmail.com>
NNTP-Posting-Host: plane.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Trace: dough.gmane.org 1327856937 15322 80.91.229.3 (29 Jan 2012 17:08:57 GMT)
X-Complaints-To: usenet@dough.gmane.org
NNTP-Posting-Date: Sun, 29 Jan 2012 17:08:57 +0000 (UTC)
Cc: Ted Zlatanov <tzz@lifelogs.com>, Eli Zaretskii <eliz@gnu.org>,
	Emacs-Devel devel <emacs-devel@gnu.org>
To: Juanma Barranquero <lekktu@gmail.com>
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Sun Jan 29 18:08:56 2012
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane.org
Original-Received: from lists.gnu.org ([140.186.70.17])
	by plane.gmane.org with esmtp (Exim 4.69)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1RrYFM-0004cz-4D
	for ged-emacs-devel@m.gmane.org; Sun, 29 Jan 2012 18:08:56 +0100
Original-Received: from localhost ([::1]:32859 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1RrYFL-0000LU-JC
	for ged-emacs-devel@m.gmane.org; Sun, 29 Jan 2012 12:08:55 -0500
Original-Received: from eggs.gnu.org ([140.186.70.92]:60603)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <cschol2112@googlemail.com>) id 1RrYFI-0000Ju-6i
	for emacs-devel@gnu.org; Sun, 29 Jan 2012 12:08:53 -0500
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <cschol2112@googlemail.com>) id 1RrYFG-0002AM-Sr
	for emacs-devel@gnu.org; Sun, 29 Jan 2012 12:08:52 -0500
Original-Received: from mail-gy0-f169.google.com ([209.85.160.169]:64633)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <cschol2112@googlemail.com>)
	id 1RrYFG-0002AI-JV; Sun, 29 Jan 2012 12:08:50 -0500
Original-Received: by ghrr14 with SMTP id r14so1596523ghr.0
	for <multiple recipients>; Sun, 29 Jan 2012 09:08:49 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=googlemail.com; s=gamma;
	h=message-id:date:from:user-agent:mime-version:to:cc:subject
	:references:in-reply-to:content-type:content-transfer-encoding;
	bh=IISPYbrgfgIdxbRT8my4i6EYOXzSZq93SMgcjDvqsuU=;
	b=n9h/WX4BmR522k4xB+3bwSMd5X6/hnj9Mjk3YU8MMxDwLHp2vr3pDZIZGUXM0gMtAe
	z//dfYM9C95jeKvk/AjAkW0Rrx5JCSyMdSrDO+yvV/0BJ72e8/ZhkIOQ0nyGmk+bZY4l
	VsvkiXKrShkDKGw7Vapnyq+6qajrqVGctY9+A=
Original-Received: by 10.236.123.47 with SMTP id u35mr21391847yhh.115.1327856929876;
	Sun, 29 Jan 2012 09:08:49 -0800 (PST)
Original-Received: from [192.168.1.6] (71-212-144-226.hlrn.qwest.net. [71.212.144.226])
	by mx.google.com with ESMTPS id
	o9sm26206460yhk.20.2012.01.29.09.08.48 (version=SSLv3 cipher=OTHER);
	Sun, 29 Jan 2012 09:08:49 -0800 (PST)
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64;
	rv:9.0) Gecko/20111222 Thunderbird/9.0.1
In-Reply-To: <CAAeL0SRz0qWZKEW4y05Kp1V2swDSY1HkwQ_XjQWV5GHPaYnMfQ@mail.gmail.com>
X-detected-operating-system: by eggs.gnu.org: Genre and OS details not
	recognized.
X-Received-From: 209.85.160.169
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=subscribe>
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.emacs.devel:148011
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/148011>

On 1/29/2012 9:47 AM, Juanma Barranquero wrote:

>> I agree with
>> Juanma who IIRC said that we are providing an _Emacs binary distribution_.
>
> Yes, and only because we're sort of forced to do it.

Why is that?

> Apart from politics, the other reason against (whether other people
> finds it compelling or not, I don't know), is that including the
> binary means taking responsibility. For example, to release security
> upgrades as soon as possible, at least for serious bugs. That also
> means monitoring the GnuTLS lists (or security bulletins). Which is
> currently done, I think, but what if the people doing it suddently
> lacks time or just moves to other pursuits? It's easy to start
> distributing the GnuTLS DLLs, harder to stop doing it.

I agree, but doesn't that also start with compiling support for GnuTLS 
into the prebuilt Emacs? Don't we start taking responsibility at that 
point? If there is a security update for GnuTLS that requires the user 
to use the latest certain version, don't we have to provide support for 
the latest version in the binary? Assuming that you can't use the fixed 
binary with the previous versions headers, that is.

Christoph