From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Christoph Scholtes Newsgroups: gmane.emacs.devel Subject: Re: bug#10612: GnuTLS bundled with the windows Emacs binaries Date: Sun, 29 Jan 2012 10:08:47 -0700 Message-ID: <4F257D1F.5050105@gmail.com> References: <84boromyob.fsf@tum.de> <84ipknew07.fsf@tum.de> <87ipjzs512.fsf@gnus.org> <87wr8e8o58.fsf_-_@lifelogs.com> <4F256D1E.4070902@gmail.com> NNTP-Posting-Host: plane.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Trace: dough.gmane.org 1327856937 15322 80.91.229.3 (29 Jan 2012 17:08:57 GMT) X-Complaints-To: usenet@dough.gmane.org NNTP-Posting-Date: Sun, 29 Jan 2012 17:08:57 +0000 (UTC) Cc: Ted Zlatanov , Eli Zaretskii , Emacs-Devel devel To: Juanma Barranquero Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Sun Jan 29 18:08:56 2012 Return-path: Envelope-to: ged-emacs-devel@m.gmane.org Original-Received: from lists.gnu.org ([140.186.70.17]) by plane.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1RrYFM-0004cz-4D for ged-emacs-devel@m.gmane.org; Sun, 29 Jan 2012 18:08:56 +0100 Original-Received: from localhost ([::1]:32859 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1RrYFL-0000LU-JC for ged-emacs-devel@m.gmane.org; Sun, 29 Jan 2012 12:08:55 -0500 Original-Received: from eggs.gnu.org ([140.186.70.92]:60603) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1RrYFI-0000Ju-6i for emacs-devel@gnu.org; Sun, 29 Jan 2012 12:08:53 -0500 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1RrYFG-0002AM-Sr for emacs-devel@gnu.org; Sun, 29 Jan 2012 12:08:52 -0500 Original-Received: from mail-gy0-f169.google.com ([209.85.160.169]:64633) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1RrYFG-0002AI-JV; Sun, 29 Jan 2012 12:08:50 -0500 Original-Received: by ghrr14 with SMTP id r14so1596523ghr.0 for ; Sun, 29 Jan 2012 09:08:49 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=IISPYbrgfgIdxbRT8my4i6EYOXzSZq93SMgcjDvqsuU=; b=n9h/WX4BmR522k4xB+3bwSMd5X6/hnj9Mjk3YU8MMxDwLHp2vr3pDZIZGUXM0gMtAe z//dfYM9C95jeKvk/AjAkW0Rrx5JCSyMdSrDO+yvV/0BJ72e8/ZhkIOQ0nyGmk+bZY4l VsvkiXKrShkDKGw7Vapnyq+6qajrqVGctY9+A= Original-Received: by 10.236.123.47 with SMTP id u35mr21391847yhh.115.1327856929876; Sun, 29 Jan 2012 09:08:49 -0800 (PST) Original-Received: from [192.168.1.6] (71-212-144-226.hlrn.qwest.net. [71.212.144.226]) by mx.google.com with ESMTPS id o9sm26206460yhk.20.2012.01.29.09.08.48 (version=SSLv3 cipher=OTHER); Sun, 29 Jan 2012 09:08:49 -0800 (PST) User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:9.0) Gecko/20111222 Thunderbird/9.0.1 In-Reply-To: X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 209.85.160.169 X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.devel:148011 Archived-At: On 1/29/2012 9:47 AM, Juanma Barranquero wrote: >> I agree with >> Juanma who IIRC said that we are providing an _Emacs binary distribution_. > > Yes, and only because we're sort of forced to do it. Why is that? > Apart from politics, the other reason against (whether other people > finds it compelling or not, I don't know), is that including the > binary means taking responsibility. For example, to release security > upgrades as soon as possible, at least for serious bugs. That also > means monitoring the GnuTLS lists (or security bulletins). Which is > currently done, I think, but what if the people doing it suddently > lacks time or just moves to other pursuits? It's easy to start > distributing the GnuTLS DLLs, harder to stop doing it. I agree, but doesn't that also start with compiling support for GnuTLS into the prebuilt Emacs? Don't we start taking responsibility at that point? If there is a security update for GnuTLS that requires the user to use the latest certain version, don't we have to provide support for the latest version in the binary? Assuming that you can't use the fixed binary with the previous versions headers, that is. Christoph