From mboxrd@z Thu Jan 1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: Ted Zlatanov
Newsgroups: gmane.emacs.devel
Subject: Re: GnuTLS invasion of Emacs published)
Date: Fri, 03 Feb 2012 11:51:01 -0500
Organization: Теодор Златанов @ Cienfuegos
Message-ID: <87vcnnj1xm.fsf@lifelogs.com>
References: <4F25FA2F.2010401@gmail.com>
 <4F27F4A1.6030907@gmail.com>
 <6E4BE1E758D04283A7C3A660ED379966@us.oracle.com>
 <87liolnipl.fsf@lifelogs.com>
 <50081AA79F2F4860A3B9DCEDFC1ABEC8@us.oracle.com>
 <877h04nc2e.fsf@lifelogs.com>
 <83ehucfjc8.fsf@gnu.org>
 <87r4ycjbjz.fsf_-_@lifelogs.com>
 <83mx8zev8s.fsf@gnu.org>
Reply-To: emacs-devel@gnu.org
To: emacs-devel@gnu.org
Mail-Followup-To: emacs-devel@gnu.org
Mime-Version: 1.0
Content-Type: text/plain
User-Agent: Gnus/5.130002 (Ma Gnus v0.2) Emacs/24.0.93 (gnu/linux)
List-Id: "Emacs development discussions."
Xref: news.gmane.org gmane.emacs.devel:148151

On Fri, 03 Feb 2012 18:29:07 +0200 Eli Zaretskii wrote:

>> From: Ted Zlatanov
>> Date: Fri, 03 Feb 2012 08:23:12 -0500
>> Cc: help-emacs-windows@gnu.org

>> EZ> What other features in Emacs use TLS as of this writing?  I thought
>> EZ> only email protocols do, which is why I described GnuTLS as I did.
>>
>> Any network connection can use it.

EZ> I asked about actual use, not potential uses.
I think the potential use is just as important, since much of Emacs's
utility is in 3rd party packages.  But Stefan answered about the actual
uses in the Emacs trunk; the URL package is most important (because of
package.el) to the Emacs users in general.

>> I think Lars introduced that option, and at least HTTP/S connections
>> can use it.

EZ> Then this needs to be documented somewhere.

I agree.  `open-network-stream' has some documentation, and is most
useful as an API.  User customization of gnutls.el is minimal right
now, just `gnutls-algorithm-priority' and `gnutls-min-prime-bits'.  But
those are tricky: the specific library that uses the API may need to
override them too.  And generally they should not be tweaked.  So I'm
not sure those two deserve more mention in the manual.

>> It's a replacement for the previous libraries that managed secure
>> connections, except it doesn't depend on external binaries.  So it
>> really doesn't change much in terms of Emacs functionality, only in the
>> underlying implementation.

EZ> Lisp programmers should know they can use TLS when Emacs was compiled
EZ> with GnuTLS support.  Users should know that as well, because they
EZ> will need to set up their machines for that.  E.g., this:

>> There is one annoying detail with the cert bundle on W32.  It
>> defaults to /etc/ssl/certs/ca-certificates.crt which is not valid on
>> W32 and on many other platforms.

I mentioned this because it's the only important GnuTLS-related
configuration bit on all platforms.  It should be in the manual, I
think, but consider that I proposed a while back that Emacs should ship
with its own version of the Mozilla cert bundle, so that this works on
all platforms, but that was not OK with the maintainers.
So that leaves us with the options of 1) trusting the platform (which
doesn't work on W32, AFAIK it doesn't have a cert bundle we can use;
and many GNU/Linux distros don't have a cert bundle in a standard place
or at all), or 2) making the cert bundle a GNU ELPA package that any
installer or user can activate.

Because of these concerns, currently we don't verify the peer
certificate in SSL and TLS connections.  See `gnutls-negotiate' for how
that would work.  The connections are still encrypted, but you could be
talking to an impostor.

I prefer the GNU ELPA package approach instead of trusting the
platform, but I also think the user should be able to customize this
(and an installer should offer the choice).

Coming back to documentation, I'd like to settle the greater question
of how to distribute the cert bundle before we document the
configuration options for it.  WDYT?

Ted
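The following Emacs Lisp is an added example, not code from this thread or from Emacs itself. It shows the peer verification the message above says Emacs 24 did not perform: negotiating TLS with `gnutls-negotiate' against an explicit CA bundle and failing closed when no bundle exists (the W32 situation described), when the chain does not validate, or when the hostname does not match. `gnutls-negotiate', `gnutls-available-p', `open-network-stream' and the keyword arguments `:trustfiles', `:verify-error' and `:verify-hostname-error' are Emacs's own API as of 24.1; the `my-' function names, every bundle path other than /etc/ssl/certs/ca-certificates.crt, and the host in the usage comment are assumptions for illustration.

```elisp
;;; Added example, not code from the thread or from Emacs itself.  It
;;; negotiates TLS against an explicit CA bundle and refuses to return an
;;; encrypted-but-unauthenticated connection.  The `my-' names, the bundle
;;; paths other than /etc/ssl/certs/ca-certificates.crt, and the host in
;;; the usage comment are assumptions.

(require 'gnutls)

(defvar my-ca-bundle-candidates
  '("/etc/ssl/certs/ca-certificates.crt"  ; the default the thread discusses
    "/etc/pki/tls/certs/ca-bundle.crt"    ; assumed Fedora/RHEL location
    "/etc/ssl/ca-bundle.pem"              ; assumed openSUSE location
    "c:/emacs/etc/ca-certificates.crt")   ; hypothetical W32 location
  "Candidate CA bundle files, checked in order.
On W32 none of the Unix paths exist, which is the problem the thread
describes; a caller there has to pass its own bundle explicitly.")

(defun my-find-ca-bundle (&optional extra)
  "Return the first readable file among EXTRA and `my-ca-bundle-candidates'.
Return nil when none is readable, so the caller can refuse to connect
rather than silently fall back to an unverified connection."
  (let (found)
    (dolist (file (append extra my-ca-bundle-candidates) found)
      (when (and (not found) (file-readable-p file))
        (setq found file)))))

(defun my-open-verified-tls-stream (name buffer host port &optional bundle)
  "Open a TLS connection to HOST:PORT that verifies the peer certificate.
NAME and BUFFER are as for `open-network-stream'.  BUNDLE is a CA bundle
file; when nil, `my-find-ca-bundle' is consulted.  Signal an error when
GnuTLS is unavailable, when no trust bundle can be found, or when
certificate or hostname verification fails; never return an encrypted
but unauthenticated process."
  (unless (and (fboundp 'gnutls-available-p) (gnutls-available-p))
    (error "This Emacs was not built with GnuTLS support"))
  (let ((trustfile (or bundle (my-find-ca-bundle))))
    (unless trustfile
      (error "No CA bundle found; refusing to connect without peer verification"))
    (let ((proc (open-network-stream name buffer host port)))
      (condition-case err
          (apply #'gnutls-negotiate
                 :process proc
                 :type 'gnutls-x509pki
                 :hostname host
                 :trustfiles (list trustfile)
                 ;; Fail instead of merely logging when the chain does not
                 ;; validate against TRUSTFILE.
                 :verify-error t
                 ;; Emacs 24.1-24.3 made a hostname mismatch fatal only with
                 ;; this extra flag; from 24.4 on, :verify-error t covers the
                 ;; hostname check and the flag is obsolete, so omit it.
                 (when (version< emacs-version "24.4")
                   (list :verify-hostname-error t)))
        (error
         ;; Do not leave a half-negotiated process behind on failure.
         (delete-process proc)
         (signal (car err) (cdr err)))))))

;; Usage (needs network access; the host is an assumption):
;;   (my-open-verified-tls-stream "tls" (get-buffer-create "*tls*")
;;                                "www.gnu.org" 443)
;; Pointing it at a host whose certificate does not chain to the bundle,
;; or whose name does not match, signals an error instead of handing back
;; a process that may be talking to an impostor.
```

The design choice is to fail closed: the missing-bundle case the thread worries about on W32 becomes an explicit error the installer or user can fix by supplying a bundle, rather than a connection that is encrypted but whose peer was never authenticated.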