On Tue, 03 May 2011 17:25:44 +0200 Lars Magne Ingebrigtsen <larsi@gnus.org> wrote: 

LMI> Ted Zlatanov <tzz@lifelogs.com> writes:
>> The attached patch adds a :keylist parameter to `gnutls-boot' which is a
>> list of (client key file, client cert file) pairs.  It also renames the
>> :keyfiles parameter to :crlfiles since it's for CRL lists.  So now you
>> can specify any number of client certs.  If the key files require a
>> passphrase, the decoding won't work because we don't set a callback.

LMI> Right.  Hm...  if you specify a keyfile (that requires a password), does
LMI> starttls.el allow prompting for that password?  (I'm just wondering
LMI> whether the gnutls.c situation would be totally equivalent or not...)

I don't think so.  gnutls.c will eventually allow it if people need it.

>> (defun gnutls-negotiate (proc type hostname &optional priority-string
>> -                              trustfiles keyfiles verify-flags
>> +                              trustfiles crlfiles keylist verify-flags
>> verify-error verify-hostname-error)

LMI> Heh.  Yes, I think it would be better to change this to a plist.  :-)

Done, see attached (same patch with the plist change).

Ted