From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Ted Zlatanov Newsgroups: gmane.emacs.devel,gmane.emacs.windows Subject: GnuTLS invasion of Emacs (was: Emacs 24.0.93 Pretest Windows Binaries published) Date: Fri, 03 Feb 2012 08:23:12 -0500 Organization: =?utf-8?B?0KLQtdC+0LTQvtGAINCX0LvQsNGC0LDQvdC+0LI=?= @ Cienfuegos Message-ID: <87r4ycjbjz.fsf_-_@lifelogs.com> References: <4F25FA2F.2010401@gmail.com> <4F27F4A1.6030907@gmail.com> <6E4BE1E758D04283A7C3A660ED379966@us.oracle.com> <87liolnipl.fsf@lifelogs.com> <50081AA79F2F4860A3B9DCEDFC1ABEC8@us.oracle.com> <877h04nc2e.fsf@lifelogs.com> <83ehucfjc8.fsf@gnu.org> Reply-To: emacs-devel@gnu.org NNTP-Posting-Host: plane.gmane.org Mime-Version: 1.0 Content-Type: text/plain X-Trace: dough.gmane.org 1328275416 3393 80.91.229.3 (3 Feb 2012 13:23:36 GMT) X-Complaints-To: usenet@dough.gmane.org NNTP-Posting-Date: Fri, 3 Feb 2012 13:23:36 +0000 (UTC) Cc: help-emacs-windows@gnu.org To: emacs-devel@gnu.org Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Fri Feb 03 14:23:35 2012 Return-path: Envelope-to: ged-emacs-devel@m.gmane.org Original-Received: from lists.gnu.org ([140.186.70.17]) by plane.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1RtJ70-0003nA-Qk for ged-emacs-devel@m.gmane.org; Fri, 03 Feb 2012 14:23:34 +0100 Original-Received: from localhost ([::1]:41705 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1RtJ70-00031C-5Y for ged-emacs-devel@m.gmane.org; Fri, 03 Feb 2012 08:23:34 -0500 Original-Received: from eggs.gnu.org ([140.186.70.92]:46380) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1RtJ6u-000316-6I for emacs-devel@gnu.org; Fri, 03 Feb 2012 08:23:32 -0500 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1RtJ6q-0008O1-3F for emacs-devel@gnu.org; Fri, 03 Feb 2012 08:23:28 -0500 Original-Received: from plane.gmane.org ([80.91.229.3]:57020) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1RtJ6p-0008Nx-T8 for emacs-devel@gnu.org; Fri, 03 Feb 2012 08:23:24 -0500 Original-Received: from list by plane.gmane.org with local (Exim 4.69) (envelope-from ) id 1RtJ6o-0003hk-9v for emacs-devel@gnu.org; Fri, 03 Feb 2012 14:23:22 +0100 Original-Received: from c-76-28-40-19.hsd1.vt.comcast.net ([76.28.40.19]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Fri, 03 Feb 2012 14:23:22 +0100 Original-Received: from tzz by c-76-28-40-19.hsd1.vt.comcast.net with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Fri, 03 Feb 2012 14:23:22 +0100 X-Injected-Via-Gmane: http://gmane.org/ Mail-Followup-To: emacs-devel@gnu.org Original-Lines: 33 Original-X-Complaints-To: usenet@dough.gmane.org X-Gmane-NNTP-Posting-Host: c-76-28-40-19.hsd1.vt.comcast.net X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6; d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT= D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx" Mail-Copies-To: never User-Agent: Gnus/5.130002 (Ma Gnus v0.2) Emacs/24.0.93 (gnu/linux) Cancel-Lock: sha1:/pbEf0PANTN+Sn2Ll4F5FtUBkag= X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 80.91.229.3 X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.devel:148145 gmane.emacs.windows:5265 Archived-At: On Fri, 03 Feb 2012 09:48:39 +0200 Eli Zaretskii wrote: >> From: Ted Zlatanov >> >> GnuTLS provides SSL and TLS encryption for any network connection, hence >> "secure networking" in my earlier message. It can encrypt e-mail >> protocols like IMAP and SMTP but does not deal with e-mail messages. EZ> What other features in Emacs use TLS as of this writing? I thought EZ> only email protocols do, which is why I described GnuTLS as I did. Any network connection can use it. I think Lars introduced that option, and at least HTTP/S connections can use it. EZ> If other protocols we have can be secured by GnuTLS, there seems to be EZ> a gap in our documentation, because I couldn't find any place where EZ> that is mentioned, except in relation to SMTP and the likes. (subject adjusted accordingly) It's a replacement for the previous libraries that managed secure connections, except it doesn't depend on external binaries. So it really doesn't change much in terms of Emacs functionality, only in the underlying implementation. There is one annoying detail with the cert bundle on W32. It defaults to /etc/ssl/certs/ca-certificates.crt which is not valid on W32 and on many other platforms. See `open-gnutls-stream' and the rest of gnutls.el. I was going to bring in the Mozilla cert bundle with the binary installer I'm planning so I didn't attack this problem sooner; if you have suggestions for the default cert bundle on W32 let me know. Thanks Ted