From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: Eli Zaretskii <eliz@gnu.org>
Newsgroups: gmane.emacs.devel
Subject: Re: NSM certificate prompt
Date: Sun, 14 Dec 2014 18:53:09 +0200
Message-ID: <83fvci41hm.fsf@gnu.org>
References: <83a92r625n.fsf@gnu.org> <87wq5vefiz.fsf@gmx.de>
	<83388j5wrs.fsf@gnu.org> <87mw6reaxu.fsf@gmx.de>
	<83y4qb4eeg.fsf@gnu.org> <83vblf4b2p.fsf@gnu.org>
	<87r3w3z60b.fsf@lifelogs.com> <83r3w348m8.fsf@gnu.org>
	<87iohfyprn.fsf@lifelogs.com> <83mw6q51x4.fsf@gnu.org>
	<87egs2zcqf.fsf@lifelogs.com>
Reply-To: Eli Zaretskii <eliz@gnu.org>
NNTP-Posting-Host: plane.gmane.org
X-Trace: ger.gmane.org 1418576042 8887 80.91.229.3 (14 Dec 2014 16:54:02 GMT)
X-Complaints-To: usenet@ger.gmane.org
NNTP-Posting-Date: Sun, 14 Dec 2014 16:54:02 +0000 (UTC)
To: emacs-devel@gnu.org
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Sun Dec 14 17:53:54 2014
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane.org
Original-Received: from lists.gnu.org ([208.118.235.17])
	by plane.gmane.org with esmtp (Exim 4.69)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1Y0CQa-0005QB-A7
	for ged-emacs-devel@m.gmane.org; Sun, 14 Dec 2014 17:53:52 +0100
Original-Received: from localhost ([::1]:36470 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1Y0CQZ-0006Nf-Vv
	for ged-emacs-devel@m.gmane.org; Sun, 14 Dec 2014 11:53:51 -0500
Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:59730)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <eliz@gnu.org>) id 1Y0CQH-0006DP-KD
	for emacs-devel@gnu.org; Sun, 14 Dec 2014 11:53:39 -0500
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <eliz@gnu.org>) id 1Y0CQB-0001Yb-Ny
	for emacs-devel@gnu.org; Sun, 14 Dec 2014 11:53:33 -0500
Original-Received: from mtaout24.012.net.il ([80.179.55.180]:39639)
	by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <eliz@gnu.org>)
	id 1Y0CQB-0001YD-Fu
	for emacs-devel@gnu.org; Sun, 14 Dec 2014 11:53:27 -0500
Original-Received: from conversion-daemon.mtaout24.012.net.il by mtaout24.012.net.il
	(HyperSendmail v2007.08) id
	<0NGK00N00ZGRSQ00@mtaout24.012.net.il> for emacs-devel@gnu.org;
	Sun, 14 Dec 2014 18:45:36 +0200 (IST)
Original-Received: from HOME-C4E4A596F7 ([87.69.4.28]) by mtaout24.012.net.il
	(HyperSendmail v2007.08) with ESMTPA id
	<0NGK00KZUZW04140@mtaout24.012.net.il> for emacs-devel@gnu.org;
	Sun, 14 Dec 2014 18:45:36 +0200 (IST)
In-reply-to: <87egs2zcqf.fsf@lifelogs.com>
X-012-Sender: halo1@inter.net.il
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x
X-Received-From: 80.179.55.180
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=subscribe>
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.emacs.devel:180093
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/180093>

> From: Ted Zlatanov <tzz@lifelogs.com>
> Date: Sun, 14 Dec 2014 06:34:32 -0500
> 
> Please add the code unconditionally as you planned. I think it will be
> an improvement that way.

Done in e99ce63 on master.

> I will then add code to make the transition easier after your patch:
> 
> * add a featurep or a function to GnuTLS that tells us if that system
>   function is available
> 
> * when it's available, default the trustfiles to nil
> 
> * when it's not available, use the old trustfiles default
> 
> * add a specific boolean option to disable that system function, off by default

Please mention in the docstring of that option that disabling the
system function on MS-Windows requires the user to install a
certificate bundle and point gnutls-trustfiles to the place where it
is installed.

> * improve messaging to tell the user what trustfiles we're loading
> 
> * update NEWS, docs, etc.
> 
> I hope that's more agreeable.

Yes, thanks in advance.