From: Simon Josefsson
Newsgroups: gmane.emacs.devel
Subject: Re: lisp/url/url-https.el
Date: Mon, 12 Apr 2004 11:54:45 +0200

Richard Stallman writes:

> Are url-https.el and ssl.el really specifically designed to call
> encryption routines? I thought they only run some external communication
> program which happens to use encryption.
>
> I am not sure whether this makes a difference. I had better get legal
> advice about this. Could someone describe for me the overall
> structure of the situation, so I can ask about it?

The general idea is that URL (and other elisp packages, such as Gnus,
W3 and maybe others) need SSL/TLS functionality in order to connect to
HTTP or IMAP servers (for browsing the web, or reading mail) that use
SSL/TLS. OpenSSL or GNUTLS provides that, via a command line
interface (I wrote patches to make an elisp API for them, via the
shared libraries, but they were never adopted). Rather than having
each and every elisp application write its own OpenSSL/GNUTLS handling,
ssl.el was presumably written, mimicking the open-network-stream API,
only that it opens the stream over an SSL/TLS connection via the
command line application.

The point of SSL/TLS is to provide authentication, integrity and/or
encryption (all optional, and can be configured in very high detail,
although this configuration is probably not possible via a command
line application, but would have been one of the features of my direct
elisp API to the libraries). The default behaviour of both OpenSSL
and GNUTLS is to negotiate the most secure, mutually implemented,
algorithms, though.

I wrote tls.el that uses GNUTLS, instead of OpenSSL which ssl.el uses.
Gnus and smtpmail.el use tls.el, and if possible I think url-https.el
should as well. I'm not sure we need ssl.el in Emacs; it might be
better to make users use GNUTLS instead of OpenSSL.