From: Simon Josefsson
Newsgroups: gmane.comp.encryption.gpg.gnutls.devel,gmane.emacs.devel
Subject: Re: Emacs core TLS support
Date: Thu, 30 Sep 2010 12:10:22 +0200
Message-ID: <87sk0rbkz5.fsf@mocca.josefsson.org>
In-Reply-To: <87k4m92fuq.fsf@lifelogs.com> (Ted Zlatanov's message of "Sun, 26 Sep 2010 01:12:13 -0500")
To: Ted Zlatanov
Cc: gnutls-devel@gnu.org, emacs-devel@gnu.org

Ted Zlatanov writes:

>>> +PRIORITY-STRING is as per the GnuTLS docs.
>
> SJ> Maybe there could be an info hyperlink here?
>
> Sorry, you mean to the GnuTLS webserver?  I don't know if that's
> necessary.

I was thinking to the Info manual.  Just a nit...

> SJ> 2) The design makes it a bit difficult to support multiple
> SJ> credentials.  The GnuTLS API allows clients to have several
> SJ> credentials (X.509, OpenPGP, etc).  Perhaps copying the GnuTLS API
> SJ> further is more flexible.
>
> I thought of making it more flexible but I really want to get the basic
> case working.

That's probably a good idea.

> As I mentioned earlier I think GnuTLS should consider further
> extending the idea of priority strings to a full configuration
> (credentials especially) in a single string or file.  That would make
> using it so much easier from Emacs Lisp.

Hm.  Interesting, yes, it could do that.  I'm not sure it makes sense to
support at the C layer, but I'll think about it.

> I tried to figure out the TLS handshake problem but it has stumped me.
> It's taken me many hours and I still don't know what I'm missing so, as
> I mentioned in my other message, I've checked in my current state to let
> others take a look.  If you or other GnuTLS developers can help, it
> would be greatly appreciated.  Once the handshake works I will work on
> the other improvements you mentioned and on getting the GnuTLS support
> into Gnus and other parts of Emacs.

Isn't it just that you don't have a proper X.509 setup?

/Simon