From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Lars Magne Ingebrigtsen Newsgroups: gmane.emacs.devel Subject: Re: Testing the gnutls support Date: Sun, 10 Oct 2010 17:26:49 +0200 Organization: Programmerer Ingebrigtsen Message-ID: References: <87r5g0x0fd.fsf@lifelogs.com> <83mxqnmqqy.fsf@gnu.org> <8762xalkgg.fsf@lifelogs.com> NNTP-Posting-Host: lo.gmane.org Mime-Version: 1.0 Content-Type: text/plain X-Trace: dough.gmane.org 1286724592 3147 80.91.229.12 (10 Oct 2010 15:29:52 GMT) X-Complaints-To: usenet@dough.gmane.org NNTP-Posting-Date: Sun, 10 Oct 2010 15:29:52 +0000 (UTC) To: emacs-devel@gnu.org Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Sun Oct 10 17:29:50 2010 Return-path: Envelope-to: ged-emacs-devel@m.gmane.org Original-Received: from lists.gnu.org ([199.232.76.165]) by lo.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1P4xqO-0007vR-64 for ged-emacs-devel@m.gmane.org; Sun, 10 Oct 2010 17:29:48 +0200 Original-Received: from localhost ([127.0.0.1]:55551 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1P4xqN-000315-29 for ged-emacs-devel@m.gmane.org; Sun, 10 Oct 2010 11:29:47 -0400 Original-Received: from [140.186.70.92] (port=53614 helo=eggs.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1P4xq8-0002xG-Lb for emacs-devel@gnu.org; Sun, 10 Oct 2010 11:29:36 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1P4xnf-0004K2-EJ for emacs-devel@gnu.org; Sun, 10 Oct 2010 11:27:04 -0400 Original-Received: from lo.gmane.org ([80.91.229.12]:58560) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1P4xnf-0004JL-4u for emacs-devel@gnu.org; Sun, 10 Oct 2010 11:26:59 -0400 Original-Received: from list by lo.gmane.org with local (Exim 4.69) (envelope-from ) id 1P4xnd-0006hG-CF for emacs-devel@gnu.org; Sun, 10 Oct 2010 17:26:57 +0200 Original-Received: from cm-84.215.34.171.getinternet.no ([84.215.34.171]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Sun, 10 Oct 2010 17:26:57 +0200 Original-Received: from larsi by cm-84.215.34.171.getinternet.no with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Sun, 10 Oct 2010 17:26:57 +0200 X-Injected-Via-Gmane: http://gmane.org/ Mail-Followup-To: emacs-devel@gnu.org Original-Lines: 25 Original-X-Complaints-To: usenet@dough.gmane.org X-Gmane-NNTP-Posting-Host: cm-84.215.34.171.getinternet.no Face: iVBORw0KGgoAAAANSUhEUgAAADAAAAAwBAMAAAClLOS0AAAAHlBMVEX5lff8lvayT3T5nPHG bqH4kvP4mPanKFfhp9jcidx9r93+AAACTklEQVQ4jXWUv2/aQBTHnbHjFUzE2IvVg9F1IHRr3YfM jQ6cAlutBqSMPSE9sZU2RTBC7MD9t30HxvwIfYON7qPvD54xTvCfcXa3hqLpBo3uOXAtMPaiGpmK SyYHPlP3E4w04lhHuEbAbzvQmsfvEaP6GrQe3wm6vljwmfPa7J5A+0ESuBYwFjcWrBH5/DqKhH6Q Ex2JCPnOShDopIPUZD0jZbVdlVXZtSBNNWwUK+aWAyeFH6hBCJ3XAwhvPW9b1+0J1LVfB9DLwTDl iLqz3INPoXdDwK8kKdcavQVjDmNxZfQDWn8UgVECnHPUMmYAT/JRSkjDzIJhSoWpcsZSA1BOoZ1C TBmJgh2QcdqT8Aiw7AEjRQs4bgFkJFhZFTEnGISCU10uOCzM6+ideVoaY5jjK7DJFC+4ifeNXWrF wAtDa8a5zL+KipVyfFeabjncgsVO4ZJV7PiDWcIYCG0VhdWcwCax66EM7UGxlYFyGjMrFpSuOeSL JC/ltKb0aWVroWc2ucDuatNkSZnbh4j1QZAcgJolVW7b6rCWNa9yCdVt9BObjLR2tfm+z6YMv/tM j5isalfu3+S4rvsc2nMtE9XMjyvbXbHe1glR9gsBDQGVr70+Y6fAba1sKTHOTgD90vsEJEQ4PQOV 4ULgJF7jl1PARqN+hHrZjz6eK0bV34jtl/Jb4C7oVZqy8wyWMPLCJWOngBGoPiNO3gIaQ0v5egmU 6XX7eQm4FPLhErjT47l/CvySvXUDpU7O3Vyh8jm2Ckp+cX7EnOK/p5jYwtI/V+YJF1894pAAAAAA SUVORK5CYII= Mail-Copies-To: never X-Now-Playing: Various's _Methods of Dance (1)_ User-Agent: Gnus/5.110011 (No Gnus v0.11) Emacs/24.0.50 (gnu/linux) Cancel-Lock: sha1:/bTzKi/VPlcJ63Bnvkz2+2ztRSE= X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 3) X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.devel:131583 Archived-At: Ted Zlatanov writes: > 1) we should be verifying the host name matches the certificate--but > should this be done in gnutls.el or gnutls.c? The negotiation is done in emacs_gnutls_read now, sort of, isn't it? I'm not quite sure how to pass that info back to Elisp land -- it'd have to be a callback of some sort, wouldn't it? > 2) we should set up a verification callback (but this is not available > in mainstream Debian/Ubuntu yet, since it's new in 2.10). In the > callback we should let the user accept an invalid certificate. I'd like > to defer this until 2.10 is in the Debian mainstream. Sounds OK to me. > 3) We should give users a way to accept certificates. Right now they > can pass a list of trust file names themselves but I think this should > be a more general facility. Yes. -- (domestic pets only, the antidote for overdose, milk.) larsi@gnus.org * Lars Magne Ingebrigtsen